diff options
| author | Jack Lloyd <[email protected]> | 2018-08-21 15:43:34 -0400 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2018-08-22 15:13:14 -0400 |
| commit | e05a7337add6c5f61d5abc05bb69c8d0698aa3ef (patch) | |
| tree | 8bb911536d39c43385a59d1bc9a09b2b14bd7075 /news.rst | |
| parent | 2fc2598ebab23aa63f7be30c8a2eff6afb262fb3 (diff) | |
Default disable support for TLS v1.0/v1.1 and all CBC and CCM suites
Diffstat (limited to 'news.rst')
| -rw-r--r-- | news.rst | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -4,6 +4,10 @@ Release Notes Version 2.8.0, Not Yet Released ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* Support for negotiating TLS versions 1.0 and 1.1 is disabled in the default + TLS policy. In addition, support for negotiating TLS ciphersuites using CBC or + CCM mode is disabled by default. + * During primality testing, use a Lucas test in addition to Miller-Rabin. It is possible to construct a composite integer which passes n Miller-Rabin tests with probability (1/4)^n. So for a incautious verifier using a small number |