diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-03-13 11:11:52 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-03-23 20:51:35 +0100 |
| commit | c21c85550f6beb00d11ebd59cbcf3bcd2ccf926d (patch) | |
| tree | 6a1b48d76452f4d4e68c0c995f68ce1e0adfd341 | |
| parent | 0ac0b774ce66e3f43e2e2843d6176229e0c51490 (diff) | |
| download | gnutls-tmp-draft-ietf-tls13-26.tar.gz | |
doc updatetmp-draft-ietf-tls13-26
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | NEWS | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -11,7 +11,7 @@ See the end for copying conditions. mode, i.e., strict vs a more lax mode which will allow certain non FIPS140-2 operations. -** libgnutls: Introduced support for draft-ietf-tls-tls13-23. It includes version +** libgnutls: Introduced support for draft-ietf-tls-tls13-26. It includes version negotiation, post handshake authentication, length hiding, multiple OCSP support, consistent ciphersuite support across protocols, hello retry requests, ability to adjust key shares via gnutls_init() flags, certificate authorities extension, @@ -29,6 +29,10 @@ See the end for copying conditions. ** libgnutls: gnutls_privkey_import_ext4() was enhanced with the GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS flag. +** libgnutls: on group exchange honor the %SERVER_PRECEDENCE and select the groups + which are preferred by the server. That unfortunately has complicated semantics + as TLS1.2 requires specific ordering of the groups based on the ciphersuite ordering, + making group order unpredictable under TLS1.3. ** API and ABI modifications: gnutls_fips140_set_mode: Added |