diff options
| author | Ingela Anderton Andin <[email protected]> | 2012-08-23 15:27:27 +0200 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2012-08-23 15:27:27 +0200 |
| commit | 2272217e87122fbb44e1e74fe74283b82282a94f (patch) | |
| tree | 15abcc4ece9bb5bd09154486e81ed0feb1a0b15d /lib/ssl/doc/src/ssl.xml | |
| parent | 5b51ee7f109b4492870958d86338e216288a4a37 (diff) | |
| parent | f5c54053e4d99c7c6eb1163047632d16c1fd5f19 (diff) | |
| download | otp-2272217e87122fbb44e1e74fe74283b82282a94f.tar.gz otp-2272217e87122fbb44e1e74fe74283b82282a94f.tar.bz2 otp-2272217e87122fbb44e1e74fe74283b82282a94f.zip | |
Merge branch 'ia/ssl/tls1.1and1.2' into maint
* ia/ssl/tls1.1and1.2: (46 commits)
ssl: Clean up of code thanks to dialyzer
ssl: Test suite adjustments
ssl & public_key: Prepare for release
ssl: Use crypto:strong_rand_bytes if possible
ssl & public_key: Add use of more "sha-rsa oids"
ssl: Fix inet header option to behave as in inet
ssl: TLS 1.2: fix hash and signature handling
ssl: TLS 1.2: fix Certificate Request list of Accepted Signatur/Hash combinations
ssl: Add Signature Algorithms hello extension from TLS 1.2
ssl: Fix rizzo tests to run as intended
ssl: TLS-1.1 and TLS-1.2 support should not be default until R16
ssl: Signture type bug
ssl: Add crypto support check (TLS 1.2 require sha256 support)
ssl: Dialyzer fixes
ssl: IDEA cipher is deprecated by TLS 1.2
ssl: Run relevant tests for all SSL/TLS versions
ssl: Add TLS version switches to openssl tests
ssl: Enable TLS 1.2
ssl: Enable mac_hash for TLS 1.2
ssl: Implement TLS 1.2 signature support
...
Diffstat (limited to 'lib/ssl/doc/src/ssl.xml')
| -rw-r--r-- | lib/ssl/doc/src/ssl.xml | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 28bf82b406..5098d26a3a 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -36,12 +36,16 @@ <list type="bulleted"> <item>ssl requires the crypto and public_key applications.</item> - <item>Supported SSL/TLS-versions are SSL-3.0 and TLS-1.0 </item> + <item>Supported SSL/TLS-versions are SSL-3.0 and TLS-1.0, experimental + support for TLS-1.1 and TLS-1.2 is also available (no support for elliptic curve cipher suites yet).</item> <item>For security reasons sslv2 is not supported.</item> <item>Ephemeral Diffie-Hellman cipher suites are supported but not Diffie Hellman Certificates cipher suites.</item> <item>Export cipher suites are not supported as the U.S. lifted its export restrictions in early 2000.</item> + <item>IDEA cipher suites are not supported as they have + become deprecated by the latest TLS spec so there is not any + real motivation to implement them.</item> <item>CRL and policy certificate extensions are not supported yet. </item> </list> @@ -75,7 +79,7 @@ {keyfile, path()} | {password, string()} | {cacerts, [der_encoded()]} | {cacertfile, path()} | |{dh, der_encoded()} | {dhfile, path()} | {ciphers, ciphers()} | - {ssl_imp, ssl_imp()} | {reuse_sessions, boolean()} | {reuse_session, fun()} + {ssl_imp, ssl_imp()}| {reuse_sessions, boolean()} | {reuse_session, fun()} </c></p> <p><c>transportoption() = {CallbackModule, DataTag, ClosedTag} @@ -106,7 +110,7 @@ <p><c>sslsocket() - opaque to the user. </c></p> - <p><c>protocol() = sslv3 | tlsv1 </c></p> + <p><c>protocol() = sslv3 | tlsv1 | 'tlsv1.1' | 'tlsv1.2' </c></p> <p><c>ciphers() = [ciphersuite()] | string() (according to old API)</c></p> |