doc updatetmp-remove-camellia

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2017-09-08 22:01:39 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2017-09-08 22:01:39 +0200
commit: b71d89d79210e15f7bf90b4c24923d5f63bd093f (patch)
tree: e9726295932e480c8dc5de48fa3d762720f93a8b
parent: 047a212b3674ade953b56a520ba2dbeec1bd5568 (diff)
download: gnutls-tmp-remove-camellia.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index b3fb4a361c..bfaac382b9 100644
--- a/NEWS
+++ b/NEWS
@@ -15,6 +15,12 @@ See the end for copying conditions.
    SHA1. They will now sign with an algorithm that corresponds to the security
    level of the signer's key.
 
+** libgnutls: Removed the camellia (GCM and CBC) ciphersuites from the default priority sets.
+   There are already the AES-CCM and CHACHA20-POLY1305 ciphersuites as AES-GCM backup,
+   and the camellia ciphersuites are not widespread to justify keeping them.
+   That way we reduce the number of the ciphersuites sent, which also allows connections
+   to few broken servers which require a low number of ciphersuites.
+
 ** libgnutls: gnutls_x509_*_sign2() functions and gnutls_x509_*_privkey_sign()
    accept GNUTLS_DIG_UNKNOWN (0) as a hash function option. That will signal
    the function to auto-detect an appropriate hash algorithm to use.
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2017-09-08 22:01:39 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2017-09-08 22:01:39 +0200
commit	b71d89d79210e15f7bf90b4c24923d5f63bd093f (patch)
tree	e9726295932e480c8dc5de48fa3d762720f93a8b
parent	047a212b3674ade953b56a520ba2dbeec1bd5568 (diff)
download	gnutls-tmp-remove-camellia.tar.gz