Modify CHANGES [GL #2796]

Mention the new "tls" options in the CHANGES file.
2021-09-28 12:49:25 +03:00
parent 17d2b3c8db
commit bbf758a6fd
1 changed files with 15 additions and 0 deletions
--- a/15
+++ b/15
@@ -1,3 +1,18 @@
+5729.	[func]		Allow finer control over the TLS protocol by
+			implementing more options within "tls" clauses, namely:
+			- Diffie-Hellman parameters via
+			  'dhparam-file "<path_to_file>";'
+			- OpenSSL cipher list string via
+			  'ciphers "<cipher_list>";'
+			- Server or client ciphers preference via
+			  'prefer-server-ciphers yes|no;'
+			- Ability to explicitly enable or disable stateless
+			  TLS session tickets via 'session-tickets yes|no;'
+			The options are enough to implement perfect forward
+			secrecy in DNS-over-TLS, DNS-over-HTTPS transports.
+			Most of these options were no-op before this
+			change. [GL #2796]
+
 5728.	[func]		Allow specifying supported TLS protocol
 			versions within "tls" clauses
 			(e.g. protocols { TLSv1.2; TLSv1.3; };). [GL #2795]