aboutsummaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/manual/tls.rst3
-rw-r--r--doc/relnotes/1_11_14.rst9
-rw-r--r--doc/relnotes/index.rst1
3 files changed, 13 insertions, 0 deletions
diff --git a/doc/manual/tls.rst b/doc/manual/tls.rst
index c2cdeb667..4ac7b5cb3 100644
--- a/doc/manual/tls.rst
+++ b/doc/manual/tls.rst
@@ -517,6 +517,9 @@ be negotiated during a handshake.
Also allowed: "Camellia-256/GCM", "Camellia-128/GCM",
"Camellia-256", "Camellia-128"
+ Also allowed (though currently experimental): "AES-128/OCB(12)",
+ "AES-256/OCB(12)"
+
Also allowed (although **not recommended**): "SEED", "3DES", "RC4"
.. note::
diff --git a/doc/relnotes/1_11_14.rst b/doc/relnotes/1_11_14.rst
new file mode 100644
index 000000000..0fabe190e
--- /dev/null
+++ b/doc/relnotes/1_11_14.rst
@@ -0,0 +1,9 @@
+1.11.14, Not Yet Released
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+* OCB mode, which provides a fast and constant time AEAD mode without
+ requiring hardware support, is now supported in TLS, following
+ draft-zauner-tls-aes-ocb-00. Because this specification is not yet
+ finalized is not yet enabled by the default policy, and the
+ ciphersuite numbers used are in the experimental range and may
+ conflict with other uses.
diff --git a/doc/relnotes/index.rst b/doc/relnotes/index.rst
index 24a13dfb9..ff92f9e4f 100644
--- a/doc/relnotes/index.rst
+++ b/doc/relnotes/index.rst
@@ -8,6 +8,7 @@ Series 1.11
.. toctree::
:maxdepth: 1
+ 1_11_14
1_11_13
1_11_12
1_11_11