From e09dd66dc4d89c62ddfd8c19791f9678d5d787c6 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Tue, 12 May 2015 18:18:55 +0200 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 63 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 62 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 352563700b..e0992d317c 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,7 +25,68 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 6.0 +
SSL 7.0 + +
Fixed Bugs and Malfunctions + + +

+ Ignore signature_algorithm (TLS 1.2 extension) sent to + TLS 1.0 or TLS 1.1 server

+

+ Own Id: OTP-12670

+ + +
+ + +
Improvements and New Features + + +

+ Add new API functions to handle CRL-verification

+

+ Own Id: OTP-10362 Aux Id: kunagi-215 [126]

+ + +

+ Remove default support for SSL-3.0, due to Poodle + vunrability in protocol specification.

+

+ Add padding check for TLS-1.0 to remove Poodle + vunrability from TLS 1.0, also add the option + padding_check. This option only affects TLS-1.0 + connections and if set to false it disables the block + cipher padding check to be able to interoperate with + legacy software.

+

+ Remove default support for RC4 cipher suites, as they are + consider too weak.

+

+ *** POTENTIAL INCOMPATIBILITY ***

+

+ Own Id: OTP-12390

+ + +

+ Add support for TLS ALPN (Application-Layer Protocol + Negotiation) extension.

+

+ Own Id: OTP-12580

+ + +

+ Add SNI (Server Name Indication) support for the server + side.

+

+ Own Id: OTP-12736

+ + +
+ +
+ +
SSL 6.0
Fixed Bugs and Malfunctions -- cgit v1.2.3