update to also reflect dcooper16's work

CREDITS.md

@@ -21,43 +21,44 @@
  - JSON and CSV output
  - CA pinning
  - Client simulations
- - CI integration, test cases for it
+ - CI integration, some test cases for it
 
 * David Cooper
  - Detection + output of multiple certificates
  - several cleanups of server certificate related stuff
- - several fixes
- - completing parsing of TLS ServerHello messages
- - testssl.sh -e: testing with a mixture of openssl + sockets
+ - extended parsing of TLS ServerHello messages
+ - testssl.sh -e/-E: testing with a mixture of openssl + sockets
  - finding more TLS extensions via sockets
- - extensive CN <--> hostname check
+ - extensive CN+SAN <--> hostname check
  - seperate check for curves
  - RFC 7919, key shares extension
- 
+ - parallel mass testing!
+ - numerous fixes
+
 * Thomas Patzke:
-  - Support of supplying timeout value for openssl connect 
- 
+  - Support of supplying timeout value for openssl connect
+
 * Oleksandr Nosenko
-  - non-flat JSON support
-  - in file output (CSV, JSON flat, JSON non-flat) support of a minimum severity level 
+  - non-flat JSON support (--json-pretty)
+  - in file output (CSV, JSON flat, JSON non-flat) support of a minimum severity level
 
 - Christoph Badura
  - NetBSD fixes
 
 * Jean Marsault
  - client auth: ideas, code snipplets
- 
-* Maciej Grela 
+
+* Maciej Grela
   - colorless handling
 
 * Olivier Paroz
-  - conversion xxd --> hexdump stuff 
+  - conversion xxd --> hexdump stuff
 
 * @typingArtist
   - improved BEAST detection
 
 * @f-s
- - ARM binary support  
+ - ARM binary support
 
 * Jeroen Wiert Pluimers
   - Darwin binaries support
@@ -93,15 +94,16 @@
 * @nvsofts (NV)
  - LibreSSL patch for GOST
 
-* Markus Manzke: 
+* Markus Manzke
  - Fix for HSTS + subdomains
  - LibreSSL patch
 
 * Dmitri S
  - inspiration & help for Darwin port
 
-* Bug reports:
-  - Viktor Szépe, Olivier Paroz, Jan H. Terstegge, Lorenz Adena, Jonathon Rossi, Stefan Stidl, Frank Breedijk
+
+Others I forgot to mention which did give me feedback, bug reports and helped one way or another.
+
 
 ##### Last but not least:
 
@@ -109,5 +111,5 @@
 
 * Ivan Ristic/Qualys for the liberal license which made it possible to use the client data
 
-* my family for supporting me doing this work
+* My family for supporting me doing this work
 

Readme.md

@@ -1,7 +1,7 @@
 
 ## Intro
 
-[![Build Status](https://travis-ci.org/drwetter/testssl.sh.svg?branch=master)](https://travis-ci.org/drwetter/testssl.sh) 
+[![Build Status](https://travis-ci.org/drwetter/testssl.sh.svg?branch=master)](https://travis-ci.org/drwetter/testssl.sh)
 [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/drwetter/testssl.sh?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 
 `testssl.sh` is a free command line tool which checks a server's service on
@@ -32,16 +32,16 @@ Here in the _2.9dev branch you find the development version_ of the software
 -- with new features and maybe some bugs. For the stable version and **a
 more thorough description of the command line options** please see
 [testssl.sh](https://testssl.sh/ "Go to the site with the stable version
-and more documentation") or https://github.com/drwetter/testssl.sh/wiki/Usage-Documentation. 
+and more documentation") or https://github.com/drwetter/testssl.sh/wiki/Usage-Documentation.
 
 #### Compatibility
 
 testssl.sh is working on every Linux/BSD distribution out of the box. In 2.9dev most
-of the limitations of disabled features from the openssl client are gone due to bash-socket-based 
-checks. testssl.sh also works on otherunixoid system out of the box, supposed they have 
-`/bin/bash` and standard tools like sed and awk installed. System V needs to have GNU versions 
-of grep and sed installed. MacOS X and Windows (using MSYS2 or cygwin) work too. OpenSSL 
-version >= 1 is a must.  OpenSSL version >= 1.0.2 is needed for better LOGJAM checks and to 
+of the limitations of disabled features from the openssl client are gone due to bash-socket-based
+checks. testssl.sh also works on otherunixoid system out of the box, supposed they have
+`/bin/bash` and standard tools like sed and awk installed. System V needs to have GNU versions
+of grep and sed installed. MacOS X and Windows (using MSYS2 or cygwin) work too. OpenSSL
+version >= 1 is a must.  OpenSSL version >= 1.0.2 is needed for better LOGJAM checks and to
 display bit strengths for key exchanges.
 
 Update notification here or @ [twitter](https://twitter.com/drwetter).
@@ -56,17 +56,18 @@ Update notification here or @ [twitter](https://twitter.com/drwetter).
 * Non-flat JSON support
 * File output (CSV, JSON flat, JSON non-flat) supports a minimum severity level (only above supplied level there will be output)
 * Native HTML support instead going through 'aha'
-* Testing 359 default ciphers (``testssl.sh -e``) with a mixture of sockets and openssl. Same speed as with openssl only but addtional ciphers such as post-quantum ciphers, new CHAHA20/POLY1305, CamelliaGCM etc.
+* Testing 359 default ciphers (``testssl.sh -e/-E``) with a mixture of sockets and openssl. Same speed as with openssl only but addtional ciphers such as post-quantum ciphers, new CHAHA20/POLY1305, CamelliaGCM etc.
 * LUCKY13 and SWEET32 checks
 * Ticketbleed check
 * LOGJAM: now checking also for known DH parameters
 * Check for CAA RR
-* Check for OCSP must staple 
+* Check for OCSP must staple
 * Check for session resumption (Ticket, ID)
 * Better formatting of output (indentation)
 * Choice showing the RFC naming scheme only
+* Parallel mass testing
 
-#### Features planned in 2.9dev
+#### Further features planned in 2.9dev
 
 https://github.com/drwetter/testssl.sh/issues?q=is%3Aopen+is%3Aissue+milestone%3A2.9dev
 
@@ -88,9 +89,9 @@ Help is needed here.
 
 #### Bug reports
 
-Please file bugs in the issue tracker. Do not forget to provide detailed information, 
-see https://github.com/drwetter/testssl.sh/wiki/Bug-reporting. (Nobody can read your 
-thoughts -- yet. And only agencies your screen) ;-)
+Please file bugs in the issue tracker. Do not forget to provide detailed information,
+see https://github.com/drwetter/testssl.sh/wiki/Bug-reporting. Nobody can read your
+thoughts -- yet. And only agencies your screen ;-)
 
 ----