===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/56.html,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -r1.48 -r1.49
--- www/56.html 2014/10/21 19:42:58 1.48
+++ www/56.html 2014/10/23 18:44:20 1.49
@@ -62,6 +62,37 @@
+- LibreSSL
+
+ - This release forks OpenSSL into LibreSSL, a version of the TLS/crypto
+ stack with goals of modernizing the codebase, improving security, and
+ applying best practice development processes.
+
- No support for legacy MacOS, Netware, OS/2, VMS and Windows platforms,
+ as well as antique compilers.
+
- Removal of the IBM 4758, Broadcom ubsec, Sureware, Nuron, GOST, GMP,
+ CSwift, CHIL, CAPI, Atalla and AEP engines, either because the hardware is
+ irrelevant, or because they require external non-free libraries to work.
+
- No support for FIPS-140 compliance.
+
- No EBCDIC support.
+
- Use standard routines from the C library (malloc, strdup, snprintf...)
+ instead of rolling our own, sometimes badly.
+
- Remove the old OpenSSL PRNG, and rely upon arc4random_buf from libc for
+ all the entropy needs.
+
- Remove the MD2 and SEED algorithms.
+
- Remove J-PAKE, PSK and SRP (mis)features.
+
- Aggressive cleaning of BN memory when no longer used.
+
- No support for Kerberos.
+
- No support for SSLv2.
+
- No support for the questionable DTLS heartbeat extension.
+
- No support for TLS compression.
+
- No support for US-Export SSL ciphers.
+
- Do not use the current time as a random seed in libssl.
+
- Support for ChaCha and Poly1305 algorithm.
+
- Support for Brainpool and ANSSI elliptic curves.
+
- Support for AES-GCM and ChaCha20-Poly1305 AEAD modes.
+
+
+
- Improved hardware support, including:
- SCSI Multipathing support via mpath(4) and associated path drivers on several architectures.
@@ -253,34 +284,6 @@
- Apache has been removed.
- Read support for ext4 filesystems.
- Reworked mplocks as ticket locks instead of spinlocks on amd64, i386, and sparc64. This provides fairer access to the kernel lock between logical CPUs, especially in multi socket systems.
-
-
-
-
- LibreSSL
-
- - No support for legacy MacOS, Netware, OS/2, VMS and Windows platforms,
- as well as antique compilers.
-
- Removal of the IBM 4758, Broadcom ubsec, Sureware, Nuron, GOST, GMP,
- CSwift, CHIL, CAPI, Atalla and AEP engines, either because the hardware is
- irrelevant, or because they require external non-free libraries to work.
-
- No support for FIPS-140 compliance.
-
- No EBCDIC support.
-
- Use standard routines from the C library (malloc, strdup, snprintf...)
- instead of rolling our own, sometimes badly.
-
- Remove the old OpenSSL PRNG, and rely upon arc4random_buf from libc for
- all the entropy needs.
-
- Remove the MD2 and SEED algorithms.
-
- Remove J-PAKE, PSK and SRP (mis)features.
-
- Aggressive cleaning of BN memory when no longer used.
-
- No support for Kerberos.
-
- No support for SSLv2.
-
- No support for the questionable DTLS heartbeat extension.
-
- No support for TLS compression.
-
- No support for US-Export SSL ciphers.
-
- Do not use the current time as a random seed in libssl.
-
- Support for ChaCha and Poly1305 algorithm.
-
- Support for Brainpool and ANSSI elliptic curves.
-
- Support for AES-GCM and ChaCha20-Poly1305 AEAD modes.