===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/67.html,v
retrieving revision 1.42
retrieving revision 1.43
diff -c -r1.42 -r1.43
*** www/67.html 2020/05/07 16:03:54 1.42
--- www/67.html 2020/05/07 16:48:16 1.43
***************
*** 1142,1170 ****
LibreSSL 3.1.1
! - API and Documentation Enhancements
- Completed initial TLS 1.3 implementation with a completely new state
machine and record layer. TLS 1.3 is now enabled by default for the
client side, with the server side to be enabled in a future release.
Note that the OpenSSL TLS 1.3 API is not yet visible/available.
!
- Improved SSL_CTX_set_cipher_list(3) and SSL_set_cipher_list(3) to
! include TLSv1.3 cipher suites even if cipher string does not
! indicate it.
!
- Improved to handle TLSv1.3 HelloRetryRequest.
- Provided TLSv1.3 cipher suite aliases to match the names used
in RFC 8446.
-
- Improved to allow using any of the groups in our NID list to
- generate a client key share.
-
- Added RSA-PSS and RSA-OAEP methods from OpenSSL 1.1.1.
-
- Ported Cryptographic Message Syntax (CMS) implementation from OpenSSL
- 1.1.1 and enabled by default.
- Added cms subcommand to openssl(1).
- Added -addext option to openssl(1) req subcommand.
- Added -groups option to openssl(1) s_server subcommand.
!
- Fixed to show TLSv1.3 extension type with openssl(1) -tlsextdebug.
- Compatibility Changes
- Improved compatibility by backporting functionality and documentation
--- 1142,1171 ----
- LibreSSL 3.1.1
! - New Features
- Completed initial TLS 1.3 implementation with a completely new state
machine and record layer. TLS 1.3 is now enabled by default for the
client side, with the server side to be enabled in a future release.
Note that the OpenSSL TLS 1.3 API is not yet visible/available.
!
- Improved cipher suite handling to automatically include TLSv1.3
! cipher suites when they are not explicitly referred to in the
! cipher string.
- Provided TLSv1.3 cipher suite aliases to match the names used
in RFC 8446.
- Added cms subcommand to openssl(1).
- Added -addext option to openssl(1) req subcommand.
- Added -groups option to openssl(1) s_server subcommand.
!
- Added TLSv1.3 extension types to openssl(1) -tlsextdebug.
+ - API and Documentation Enhancements
+
+ - Added RSA-PSS and RSA-OAEP methods from OpenSSL 1.1.1.
+
- Ported Cryptographic Message Syntax (CMS) implementation from OpenSSL
+ 1.1.1 and enabled by default.
+
+
- Compatibility Changes
- Improved compatibility by backporting functionality and documentation
***************
*** 1175,1181 ****
- Testing and Proactive Security
- Added many new additional crypto test vectors.
!
- Fixed to disallow setting the AES-GCM IV length to zero.
- Internal Improvements
--- 1176,1182 ----
- Testing and Proactive Security
- Added many new additional crypto test vectors.
!
- Fix to disallow setting the AES-GCM IV length to zero.
- Internal Improvements