===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/67.html,v
retrieving revision 1.42
retrieving revision 1.43
diff -c -r1.42 -r1.43
*** www/67.html	2020/05/07 16:03:54	1.42
--- www/67.html	2020/05/07 16:48:16	1.43
***************
*** 1142,1170 ****
  
  <li>LibreSSL 3.1.1
    <ul>
!     <li>API and Documentation Enhancements
      <ul>
  	<li>Completed initial TLS 1.3 implementation with a completely new state
  	    machine and record layer. TLS 1.3 is now enabled by default for the
  	    client side, with the server side to be enabled in a future release.
  	    Note that the OpenSSL TLS 1.3 API is not yet visible/available.
! 	<li>Improved SSL_CTX_set_cipher_list(3) and SSL_set_cipher_list(3) to
! 	    include TLSv1.3 cipher suites even if cipher string does not
! 	    indicate it.
! 	<li>Improved to handle TLSv1.3 HelloRetryRequest.
  	<li>Provided TLSv1.3 cipher suite aliases to match the names used
  	    in RFC 8446.
- 	<li>Improved to allow using any of the groups in our NID list to
- 	    generate a client key share.
- 	<li>Added RSA-PSS and RSA-OAEP methods from OpenSSL 1.1.1.
- 	<li>Ported Cryptographic Message Syntax (CMS) implementation from OpenSSL
- 	    1.1.1 and enabled by default.
  	<li>Added cms subcommand to openssl(1).
  	<li>Added -addext option to openssl(1) req subcommand.
  	<li>Added -groups option to openssl(1) s_server subcommand.
! 	<li>Fixed to show TLSv1.3 extension type with openssl(1) -tlsextdebug.
      </ul>
  
      <li>Compatibility Changes
      <ul>
  	<li>Improved compatibility by backporting functionality and documentation
--- 1142,1171 ----
  
  <li>LibreSSL 3.1.1
    <ul>
!     <li>New Features
      <ul>
  	<li>Completed initial TLS 1.3 implementation with a completely new state
  	    machine and record layer. TLS 1.3 is now enabled by default for the
  	    client side, with the server side to be enabled in a future release.
  	    Note that the OpenSSL TLS 1.3 API is not yet visible/available.
! 	<li>Improved cipher suite handling to automatically include TLSv1.3
!             cipher suites when they are not explicitly referred to in the
!             cipher string.
  	<li>Provided TLSv1.3 cipher suite aliases to match the names used
  	    in RFC 8446.
  	<li>Added cms subcommand to openssl(1).
  	<li>Added -addext option to openssl(1) req subcommand.
  	<li>Added -groups option to openssl(1) s_server subcommand.
! 	<li>Added TLSv1.3 extension types to openssl(1) -tlsextdebug.
      </ul>
  
+     <li>API and Documentation Enhancements
+     <ul>
+ 	<li>Added RSA-PSS and RSA-OAEP methods from OpenSSL 1.1.1.
+ 	<li>Ported Cryptographic Message Syntax (CMS) implementation from OpenSSL
+ 	    1.1.1 and enabled by default.
+     </ul>
+ 
      <li>Compatibility Changes
      <ul>
  	<li>Improved compatibility by backporting functionality and documentation
***************
*** 1175,1181 ****
      <li>Testing and Proactive Security
      <ul>
  	<li>Added many new additional crypto test vectors.
! 	<li>Fixed to disallow setting the AES-GCM IV length to zero.
      </ul>
  
      <li>Internal Improvements
--- 1176,1182 ----
      <li>Testing and Proactive Security
      <ul>
  	<li>Added many new additional crypto test vectors.
! 	<li>Fix to disallow setting the AES-GCM IV length to zero.
      </ul>
  
      <li>Internal Improvements