diff options
| -rw-r--r-- | doc/relnotes/1_11_6.rst | 2 | ||||
| -rw-r--r-- | doc/tls.rst | 4 | ||||
| -rw-r--r-- | src/tls/tls_policy.cpp | 2 |
3 files changed, 5 insertions, 3 deletions
diff --git a/doc/relnotes/1_11_6.rst b/doc/relnotes/1_11_6.rst index cd9996eca..7c0c64cde 100644 --- a/doc/relnotes/1_11_6.rst +++ b/doc/relnotes/1_11_6.rst @@ -3,6 +3,8 @@ Version 1.11.6, Not Yet Released * Botan now requires Boost, specifically the filesystem and asio libraries. + * The default TLS policy no longer includes RC4 in the cipher list. + * Add HKDF from :rfc:`5869` * TLS::Session_Manager_In_Memory now requires a rng to be passed to its diff --git a/doc/tls.rst b/doc/tls.rst index 8f04b7903..29d49166d 100644 --- a/doc/tls.rst +++ b/doc/tls.rst @@ -488,10 +488,10 @@ be negotiated during a handshake. Default: "AES-256/GCM", "AES-128/GCM", "AES-256/CCM(16,3)", "AES-128/CCM(16,3)", "AES-256/CCM(8,3)", "AES-128/CCM(8,3)", - "AES-256", "AES-128", "RC4" + "AES-256", "AES-128" Also allowed: "Camellia-256/GCM", "Camellia-128/GCM", - "Camellia-256", "Camellia-128", "SEED", "3DES" + "Camellia-256", "Camellia-128", "SEED", "3DES", "RC4" .. note:: diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp index 289f228da..3271c3abe 100644 --- a/src/tls/tls_policy.cpp +++ b/src/tls/tls_policy.cpp @@ -32,7 +32,7 @@ std::vector<std::string> Policy::allowed_ciphers() const //"Camellia-128", //"SEED" //"3DES", - "RC4", + //"RC4", }); } |