diff options
author | Erlang/OTP <[email protected]> | 2015-06-23 10:24:26 +0200 |
---|---|---|
committer | Erlang/OTP <[email protected]> | 2015-06-23 10:24:26 +0200 |
commit | 2955ddebc32837b66d9bacb4e925ad0ed0033168 (patch) | |
tree | d6bff1708a209ee317a1d1bbb78d237a999bfd23 /lib/ssl | |
parent | 7cff27e14e051b6ee15f564335eb8e685e1639c1 (diff) | |
download | otp-2955ddebc32837b66d9bacb4e925ad0ed0033168.tar.gz otp-2955ddebc32837b66d9bacb4e925ad0ed0033168.tar.bz2 otp-2955ddebc32837b66d9bacb4e925ad0ed0033168.zip |
Prepare release
Diffstat (limited to 'lib/ssl')
-rw-r--r-- | lib/ssl/doc/src/notes.xml | 83 |
1 files changed, 82 insertions, 1 deletions
diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 43ed006781..b87b1b4fa7 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -26,7 +26,88 @@ <file>notes.xml</file> </header> <p>This document describes the changes made to the SSL application.</p> - <section><title>SSL 6.0.1</title> + <section><title>SSL 7.0</title> + + <section><title>Fixed Bugs and Malfunctions</title> + <list> + <item> + <p> + Ignore signature_algorithm (TLS 1.2 extension) sent to + TLS 1.0 or TLS 1.1 server</p> + <p> + Own Id: OTP-12670</p> + </item> + <item> + <p> + Improve error handling in TLS distribution module to + avoid lingering sockets.</p> + <p> + Own Id: OTP-12799 Aux Id: Tom Briden </p> + </item> + <item> + <p> + Add option {client_renegotiation, boolean()} option to + the server-side of the SSL application.</p> + <p> + Own Id: OTP-12815</p> + </item> + <item> + <p> + Gracefully ignore proprietary hash_sign algorithms</p> + <p> + Own Id: OTP-12829</p> + </item> + </list> + </section> + + + <section><title>Improvements and New Features</title> + <list> + <item> + <p> + Add new API functions to handle CRL-verification</p> + <p> + Own Id: OTP-10362 Aux Id: kunagi-215 [126] </p> + </item> + <item> + <p> + Remove default support for SSL-3.0, due to Poodle + vunrability in protocol specification.</p> + <p> + Add padding check for TLS-1.0 to remove Poodle + vunrability from TLS 1.0, also add the option + padding_check. This option only affects TLS-1.0 + connections and if set to false it disables the block + cipher padding check to be able to interoperate with + legacy software.</p> + <p> + Remove default support for RC4 cipher suites, as they are + consider too weak.</p> + <p> + *** POTENTIAL INCOMPATIBILITY ***</p> + <p> + Own Id: OTP-12390</p> + </item> + <item> + <p> + Add support for TLS ALPN (Application-Layer Protocol + Negotiation) extension.</p> + <p> + Own Id: OTP-12580</p> + </item> + <item> + <p> + Add SNI (Server Name Indication) support for the server + side.</p> + <p> + Own Id: OTP-12736</p> + </item> + </list> + </section> + +</section> + +<section><title>SSL 6.0.1</title> <section><title>Fixed Bugs and Malfunctions</title> <list> |