diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2018-08-07 17:30:57 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2018-08-07 17:30:57 +0700 |
| commit | cc5062b8ca50bb1689fa5c65e15f25add789178a (patch) | |
| tree | 55fb7be4f882b314029f19745c3d0c9bd0f26243 /crypto | |
| parent | TLS: Disable DHE_* ciphersuites in default clients (diff) | |
| download | BouncyCastle.NET-ed25519-cc5062b8ca50bb1689fa5c65e15f25add789178a.tar.xz | |
Add entry explaining DH changes
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/Readme.html | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/crypto/Readme.html b/crypto/Readme.html index 9f4705f00..153897914 100644 --- a/crypto/Readme.html +++ b/crypto/Readme.html @@ -296,6 +296,16 @@ We state, where EC MQV has not otherwise been disabled or removed: <h4><a class="mozTocH4" name="mozTocId85317"></a>Release 1.8.3, TBD</h4> + <h5>IMPORTANT</h5> + <ul> + <li> + In this release, the TLS library has moved to a whitelisting approach for client-side validation of server-presented + Diffie-Hellman (DH) parameters. In the default configuration, if a ciphersuite using ephemeral DH is selected by the + server, the client will abort the handshake if the proposed DH group is not one of those specified in RFC 3526 or RFC 7919, + or if the DH prime is < 2048 bits. The client therefore no longer offers DH ciphersuites by default. + </li> + </ul> + <h5>Additional Features and Functionality</h5> <ul> <li>Further work has been done on improving SHA-3 performance.</li> |