===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/68.html,v
retrieving revision 1.59
retrieving revision 1.60
diff -c -r1.59 -r1.60
*** www/68.html 2020/10/08 15:48:14 1.59
--- www/68.html 2020/10/08 16:05:20 1.60
***************
*** 489,495 ****
Compatibility Changes
! - Modify I/O behavior so that SSL_MODE_AUTO_RETRY is the default similar to new OpenSSL releases.
- Add the P-521 curve to the list of curves supported by default in the client.
- Define OPENSSL_NO_SSL_TRACE in opensslfeatures.h.
- Make SSL_CTX_get_ciphers(NULL) return NULL rather than crash.
--- 489,495 ----
- Compatibility Changes
! - Modify I/O behavior so that SSL_MODE_AUTO_RETRY is the default similar to new OpenSSL releases.
- Add the P-521 curve to the list of curves supported by default in the client.
- Define OPENSSL_NO_SSL_TRACE in opensslfeatures.h.
- Make SSL_CTX_get_ciphers(NULL) return NULL rather than crash.
***************
*** 518,524 ****
- Add initial support for openbsd/powerpc64.
- Improve length checks in the TLSv1.3 record layer and provide appropriate alerts for violations of record layer limits.
- Enforce that SNI hostnames received by the TLS server are correctly formed as per RFC 5890 and RFC 6066, responding with illegal parameter for a nonconformant host name.
!
- Support SSL_MODE_AUTO_RETRY in TLSv1.3 to allow the automatic retry of handshake messages.
- Improve the handling of BIO_read(3)/BIO_write(3) failures in the TLSv1.3 stack.
- Start replacing the existing TLSv1.2 record layer.
- Simplify SSL method lookups.
--- 518,524 ----
- Add initial support for openbsd/powerpc64.
- Improve length checks in the TLSv1.3 record layer and provide appropriate alerts for violations of record layer limits.
- Enforce that SNI hostnames received by the TLS server are correctly formed as per RFC 5890 and RFC 6066, responding with illegal parameter for a nonconformant host name.
!
- Support SSL_MODE_AUTO_RETRY in TLSv1.3 to allow the automatic retry of handshake messages.
- Improve the handling of BIO_read(3)/BIO_write(3) failures in the TLSv1.3 stack.
- Start replacing the existing TLSv1.2 record layer.
- Simplify SSL method lookups.