From 3db7370a556d0dd064f005fd745bdbf50840eda1 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Fri, 5 Feb 2016 15:56:47 +0100
Subject: ssl: Remove DES ciphers from default configuration

DES is not considered secure.

Also correct 'Server Name Indication' support description.
---
 lib/ssl/doc/src/ssl_app.xml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'lib/ssl/doc')

diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml
index 6c82e32a74..d05ece3971 100644
--- a/lib/ssl/doc/src/ssl_app.xml
+++ b/lib/ssl/doc/src/ssl_app.xml
@@ -43,6 +43,8 @@
       <item>For security reasons SSL-2.0 is not supported.</item>
       <item>For security reasons SSL-3.0 is no longer supported by default,
       but can be configured.</item>
+      <item>For security reasons DES cipher suites are no longer supported by default,
+      but can be configured.</item>
       <item>Ephemeral Diffie-Hellman cipher suites are supported,
       but not Diffie Hellman Certificates cipher suites.</item>
       <item>Elliptic Curve cipher suites are supported if the Crypto 
@@ -55,8 +57,8 @@
       motivated to implement them.</item>
       <item>CRL validation is supported.</item>
       <item>Policy certificate extensions are not supported.</item>
-      <item>'Server Name Indication' extension client side
-      (RFC 6066, Section 3) is supported.</item>
+      <item>'Server Name Indication' extension
+      (<url href="http://www.ietf.org/rfc/rfc6066.txt">RFC 6066</url>) is supported.</item>
     </list>
    </description>
 
-- 
cgit v1.2.3