diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-07-12 15:14:39 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-07-13 08:52:22 +0200 |
commit | 7f74ddbd0bfab5c45ef7d3bd59a806ed6fa6082a (patch) | |
tree | 6c94c08d24621d5ed83e719d860a888586126697 /doc | |
parent | bc1fc07e6bfaa526a1292f8ca81451884bb53400 (diff) | |
download | gnutls-7f74ddbd0bfab5c45ef7d3bd59a806ed6fa6082a.tar.gz |
The SSL 3.0 protocol is disabled on compile time by default
It can be re-enabled by specifying --enable-ssl3-support on configure script.
This is the first step before removing support for the protocol completely.
Relates #103
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/cha-library.texi | 2 | ||||
-rw-r--r-- | doc/cha-upgrade.texi | 5 |
2 files changed, 6 insertions, 1 deletions
diff --git a/doc/cha-library.texi b/doc/cha-library.texi index 7fe7fb7297..354bb0a769 100644 --- a/doc/cha-library.texi +++ b/doc/cha-library.texi @@ -15,7 +15,7 @@ include: @itemize -@item Support for TLS 1.3, TLS 1.2, TLS 1.1, TLS 1.0 and SSL 3.0 protocols. +@item Support for TLS 1.3, TLS 1.2, TLS 1.1, TLS 1.0 and optionally SSL 3.0 protocols. @item Support for Datagram TLS 1.0 and 1.2. diff --git a/doc/cha-upgrade.texi b/doc/cha-upgrade.texi index 3e593dffb7..83e1120840 100644 --- a/doc/cha-upgrade.texi +++ b/doc/cha-upgrade.texi @@ -194,6 +194,11 @@ however, there are minor differences, listed below. @item The priority strings "+COMP" are a no-op @tab TLS compression is no longer available. +@item The SSL 3.0 protocol is a no-op +@tab SSL 3.0 is no longer compiled in by default. It is a legacy protocol +which is completely eliminated from public internet. As such it was removed +to reduce the attack vector for applications using the library. + @item The hash function SHA2-224 is a no-op for TLS1.2 @tab TLS 1.3 no longer uses SHA2-224, and it was never a widespread hash algorithm. As such it was removed for simplicity. |