diff options
Diffstat (limited to 'lib/ssl/doc/src/notes.xml')
| -rw-r--r-- | lib/ssl/doc/src/notes.xml | 104 |
1 files changed, 93 insertions, 11 deletions
diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index fe0606b1a3..b87b1b4fa7 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -8,16 +8,17 @@ <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. - - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. </legalnotice> @@ -25,7 +26,88 @@ <file>notes.xml</file> </header> <p>This document describes the changes made to the SSL application.</p> - <section><title>SSL 6.0.1</title> + <section><title>SSL 7.0</title> + + <section><title>Fixed Bugs and Malfunctions</title> + <list> + <item> + <p> + Ignore signature_algorithm (TLS 1.2 extension) sent to + TLS 1.0 or TLS 1.1 server</p> + <p> + Own Id: OTP-12670</p> + </item> + <item> + <p> + Improve error handling in TLS distribution module to + avoid lingering sockets.</p> + <p> + Own Id: OTP-12799 Aux Id: Tom Briden </p> + </item> + <item> + <p> + Add option {client_renegotiation, boolean()} option to + the server-side of the SSL application.</p> + <p> + Own Id: OTP-12815</p> + </item> + <item> + <p> + Gracefully ignore proprietary hash_sign algorithms</p> + <p> + Own Id: OTP-12829</p> + </item> + </list> + </section> + + + <section><title>Improvements and New Features</title> + <list> + <item> + <p> + Add new API functions to handle CRL-verification</p> + <p> + Own Id: OTP-10362 Aux Id: kunagi-215 [126] </p> + </item> + <item> + <p> + Remove default support for SSL-3.0, due to Poodle + vunrability in protocol specification.</p> + <p> + Add padding check for TLS-1.0 to remove Poodle + vunrability from TLS 1.0, also add the option + padding_check. This option only affects TLS-1.0 + connections and if set to false it disables the block + cipher padding check to be able to interoperate with + legacy software.</p> + <p> + Remove default support for RC4 cipher suites, as they are + consider too weak.</p> + <p> + *** POTENTIAL INCOMPATIBILITY ***</p> + <p> + Own Id: OTP-12390</p> + </item> + <item> + <p> + Add support for TLS ALPN (Application-Layer Protocol + Negotiation) extension.</p> + <p> + Own Id: OTP-12580</p> + </item> + <item> + <p> + Add SNI (Server Name Indication) support for the server + side.</p> + <p> + Own Id: OTP-12736</p> + </item> + </list> + </section> + +</section> + +<section><title>SSL 6.0.1</title> <section><title>Fixed Bugs and Malfunctions</title> <list> |