www/67.html - diff

Return to 67.html CVS log

Up to [local] / www

Diff for /www/67.html between version 1.28 and 1.29

-version 1.28, 2020/05/06 18:22:15
+version 1.29, 2020/05/06 18:32:19
 Line 1134
 Line 1134
 Line 1134
    </ul>
  <li>LibreSSL 3.1.1
-   <ul>
+     <ul>
- <!-- XXX remove these when adding the LibreSSL Changelog -->
+           <li> Completed initial TLS 1.3 implementation with a completely new state
- <!--
+             machine and record layer. TLS 1.3 is now enabled by default for the
-     <li>Added a -groups option to the <a
+             client side, with the server side to be enabled in a future release.
-         href="https://man.openbsd.org/openssl">openssl(1)</a> s_server,
+             Note that the OpenSSL TLS 1.3 API is not yet visible/available.
-         allowing EC groups to be configured.
-     <li>Added <a href="https://man.openbsd.org/openssl">openssl(1)</a>
+           <li> Many more code cleanups, fixes, and improvements to memory handling
-         s_client -tls1_3 and -notls1_3 options.
+             and protocol parsing.
-     <li>Added support for handling hello retry requests in the <a
-         href="https://man.openbsd.org/ssl">ssl(8)</a> TLSv1.3 client.
+           <li> Added RSA-PSS and RSA-OAEP methods from OpenSSL 1.1.1.
-     <li>Added support for legacy message callbacks, making <a
-         href="https://man.openbsd.org/openssl">openssl(1)</a> s_client -msg
+           <li> Ported Cryptographic Message Syntax (CMS) implementation from OpenSSL
-         work for handshake messages.
+.1.1 and enabled by default.
-     <li>Completed the initial TLSv1.3 implementation.
-     <li>Switched to encrypted records in the TLSv1.3 server.
+           <li> Improved compatibility by backporting functionality and documentation
-     <li>Enabled processing and use of signature algorithms in TLSv1.3.
+             from OpenSSL 1.1.1.
-     <li>Added support for TLS 1.3 post handshake handshake messages
-         and key updates to <a href="https://www.libressl.org/">LibreSSL</a>.
+           <li> Added many new additional crypto test vectors.
-     <li>Added -keyopt option to <a
-         href="https://man.openbsd.org/openssl">openssl(1)</a> cms subcommand,
+           <li> Adjusted EVP_chacha20()'s behavior to match OpenSSL's semantics.
-         providing rsa_padding_mode:oaep for cms -encrypt and
-         rsa_padding_mode:pss for cms -sign.
+           <li> Default CA bundle location is now configurable in portable builds.
- -->
+           <li> Added cms subcommand to openssl(1).
+           <li> Added -addext option to openssl(1) req subcommand.
+     </ul>
      <li>API and Documentation Enhancements
      <ul>
        <li>...