diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -17,8 +17,9 @@ See the end for copying conditions. ** libgnutls: Added support for GOST CNT_IMIT ciphersuite (as defined by draft-smyshlyaev-tls12-gost-suites-06). - By default this ciphersuite is disabled. One has to add following items to priority strings: - +VKO-GOST-12:+GROUP-GOST-ALL:+GOST28147-TC26Z-CNT:+GOST28147-TC26Z-IMIT:+SIGN-GOSTR341012-512:+SIGN-GOSTR341012-256:+SIGN-GOSTR341001. + By default this ciphersuite is disabled. One has to enable it by adding + +GOST to priority string. It will enable this ciphersuite (and other GOST + ciphersuites in future). Note, that server will fail to negotiate GOST ciphersuites if TLS 1.3 is enabled both on a server and a client. It is recommended for now to disable TLS 1.3 in setups where GOST ciphersuites are enabled on GnuTLS-based servers. @@ -39,6 +40,9 @@ See the end for copying conditions. ** certtool: The add_extension template option is considered even when generating a certificate from a certificate request. +** libgnutls: added priority shortcuts for different GOST categories like + CIPHER-GOST-ALL, MAC-GOST-ALL, KX-GOST-ALL, SIGN-GOST-ALL, GROUP-GOST-ALL. + ** API and ABI modifications: gnutls_ocsp_req_const_t: Added |