diff options
author | Péter Dimitrov <[email protected]> | 2019-03-20 17:10:26 +0100 |
---|---|---|
committer | Péter Dimitrov <[email protected]> | 2019-03-21 16:49:01 +0100 |
commit | 9a7a1dec4e27012c804762bb79d4847ee7e23d2f (patch) | |
tree | 9c502e09cae78ef9c426a3a75b3f87e012bc3d63 /lib/ssl/doc/src/ssl_app.xml | |
parent | e739ec80b5546e8d04f08c1f4a6c0067be2c13a7 (diff) | |
download | otp-9a7a1dec4e27012c804762bb79d4847ee7e23d2f.tar.gz otp-9a7a1dec4e27012c804762bb79d4847ee7e23d2f.tar.bz2 otp-9a7a1dec4e27012c804762bb79d4847ee7e23d2f.zip |
ssl: Update standards compliance
Change-Id: I365965750e4b9747bf1fb8560f34afe6eecf7f02
Diffstat (limited to 'lib/ssl/doc/src/ssl_app.xml')
-rw-r--r-- | lib/ssl/doc/src/ssl_app.xml | 41 |
1 files changed, 3 insertions, 38 deletions
diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 893919aeb4..b05caf44ea 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -35,45 +35,10 @@ <description> <p> - The ssl application is an implementation of the SSL/TLS/DTLS protocol in Erlang. + The ssl application is an implementation of the SSL, TLS and DTLS protocols in Erlang. </p> - <list type="bulleted"> - <item>Supported SSL/TLS/DTLS-versions are SSL-3.0, TLS-1.0, - TLS-1.1, TLS-1.2, DTLS-1.0 (based on TLS-1.1), DTLS-1.2 (based on TLS-1.2)</item> - <item>For security reasons SSL-2.0 is not supported. - Interoperability with SSL-2.0 enabled clients dropped. (OTP 21) </item> - <item>For security reasons SSL-3.0 is no longer supported by default, - but can be configured. (OTP 19) </item> - <item>For security reasons RSA key exchange cipher suites are no longer supported by default, - but can be configured. (OTP 21) </item> - <item>For security reasons DES cipher suites are no longer supported by default, - but can be configured. (OTP 20) </item> - <item>For security reasons 3DES cipher suites are no longer supported by default, - but can be configured. (OTP 21) </item> - <item> Renegotiation Indication Extension <url href="http://www.ietf.org/rfc/rfc5746.txt">RFC 5746</url> is supported - </item> - <item>Ephemeral Diffie-Hellman cipher suites are supported, - but not Diffie Hellman Certificates cipher suites.</item> - <item>Elliptic Curve cipher suites are supported if the Crypto - application supports it and named curves are used. - </item> - <item>Export cipher suites are not supported as the - U.S. lifted its export restrictions in early 2000.</item> - <item>IDEA cipher suites are not supported as they have - become deprecated by the latest TLS specification so it is not - motivated to implement them.</item> - <item>Compression is not supported.</item> - <item>CRL validation is supported.</item> - <item>Policy certificate extensions are not supported.</item> - <item>'Server Name Indication' extension - (<url href="http://www.ietf.org/rfc/rfc6066.txt">RFC 6066</url>) is supported.</item> - <item>Application Layer Protocol Negotiation (ALPN) and its successor Next Protocol Negotiation (NPN) - are supported. </item> - <item>It is possible to use Pre-Shared Key (PSK) and Secure Remote Password (SRP) - cipher suites, but they are not enabled by default. - </item> - </list> - </description> + <p>For current statement of standards compliance see the <seealso marker="standards_compliance">User's Guide</seealso>.</p> + </description> <section> <title>DEPENDENCIES</title> |