===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/68.html,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- www/68.html 2020/10/08 15:17:46 1.55
+++ www/68.html 2020/10/08 15:22:38 1.56
@@ -495,7 +495,7 @@
Make SSL_CTX_get_ciphers(NULL) return NULL rather than crash.
Improve TLSv1.3 client certificate selection to allow EC certificates instead of only RSA certificates.
Add minimal info callback support for TLSv1.3.
- Support TLS 1.3 options in the openssl(1) command.
+ Support TLSv1.3 options in the openssl(1) command.
Add support for additional GOST curves from RFC 7836 and draft-deremin-rfc4491-bis.
Add OIDs for HMAC using the Streebog hash function.
Allow GOST R 34.11-2012 in PBE/PBKDF2/PKCS#5.
@@ -516,9 +516,9 @@
- Collapse x509v3 directory into x509.
- Add initial support for openbsd/powerpc64.
-
- Improve length checks in the TLS 1.3 record layer and provide appropriate alerts for violations of record layer limits.
+
- Improve length checks in the TLSv1.3 record layer and provide appropriate alerts for violations of record layer limits.
- Enforce that SNI hostnames received by the TLS server are correctly formed as per RFC 5890 and RFC 6066, responding with illegal parameter for a nonconformant host name.
-
- Support SSL_MODE_AUTO_RETRY in TLS 1.3 to allow the automatic retry of handshake messages.
+
- Support SSL_MODE_AUTO_RETRY in TLSv1.3 to allow the automatic retry of handshake messages.
- Improve the handling of BIO_read()/BIO_write() failures in the TLSv1.3 stack.
- Start replacing the existing TLSv1.2 record layer.
- Simplify SSL method lookups.