diff options
| author | Péter Dimitrov <[email protected]> | 2019-07-26 14:53:30 +0200 |
|---|---|---|
| committer | Péter Dimitrov <[email protected]> | 2019-07-26 14:53:30 +0200 |
| commit | 0b9ff2f07dc1bc84325b5c3633efff719b2d20eb (patch) | |
| tree | c9afad42e4044485dbe37675245836f429268641 /lib/ssl/doc/src/ssl.xml | |
| parent | ecf71a31ae45f1ec5ca2d266040a6aa40e3455d7 (diff) | |
| parent | 5fc96782a03e2fa170a8a7a3781d32b176af0548 (diff) | |
| download | otp-0b9ff2f07dc1bc84325b5c3633efff719b2d20eb.tar.gz otp-0b9ff2f07dc1bc84325b5c3633efff719b2d20eb.tar.bz2 otp-0b9ff2f07dc1bc84325b5c3633efff719b2d20eb.zip | |
Merge branch 'maint'
* maint:
ssl: Reorder testcases in ssl_api_SUITE
ssl: Fix handshake pause in TLS 1.3
ssl: Implement option honor_cipher_order in TLS 1.3
ssl: Add test for option supported_groups
ssl: Document option supported_groups
ssl: Fix ssl_api_SUITE:connection_information
ssl: Fix property tests for SSLv3
ssl: Update property tests with pre_shared_key
ssl: Implement pre_shared_key extension
ssl: Update property tests with psk_key_exchange_modes
ssl: Implement psk_key_exchange_modes extension
Diffstat (limited to 'lib/ssl/doc/src/ssl.xml')
| -rw-r--r-- | lib/ssl/doc/src/ssl.xml | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 3aa6e09c2c..05590666da 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -207,6 +207,10 @@ <datatype> <name name="sign_scheme"/> </datatype> + + <datatype> + <name name="group"/> + </datatype> <datatype> <name name="kex_algo"/> @@ -363,7 +367,20 @@ </p> </desc> </datatype> - + + <datatype> + <name name="supported_groups"/> + <desc> + <p>TLS 1.3 introduces the "supported_groups" extension that is used for negotiating + the Diffie-Hellman parameters in a TLS 1.3 handshake. Both client and server + can specify a list of parameters that they are willing to use. + </p> + <p> If it is not specified it will use a default list ([x25519, x448, secp256r1, secp384r1]) that + is filtered based on the installed crypto library version. + </p> + </desc> + </datatype> + <datatype> <name name="secure_renegotiation"/> <desc><p>Specifies if to reject renegotiation attempt that does @@ -919,6 +936,8 @@ fun(srp, Username :: string(), UserState :: term()) -> <name name="dh_der"/> <desc><p>The DER-encoded Diffie-Hellman parameters. If specified, it overrides option <c>dhfile</c>.</p> + <warning><p>The <c>dh_der</c> option is not supported by TLS 1.3. Use the + <c>supported_groups</c> option instead.</p></warning> </desc> </datatype> @@ -928,6 +947,8 @@ fun(srp, Username :: string(), UserState :: term()) -> parameters to be used by the server if a cipher suite using Diffie Hellman key exchange is negotiated. If not specified, default parameters are used.</p> + <warning><p>The <c>dh_file</c> option is not supported by TLS 1.3. Use the + <c>supported_groups</c> option instead.</p></warning> </desc> </datatype> |