Correct NEWS entry about required security level for old versions of TLS, DTLS and SSL

The entry was incorrect because suites using RSA key exchange without SHA1
were permitted at security level 1.

Partial fix for openssl#18194

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from openssl#18234)
paulidale committed May 6, 2022
1 parent 37a6e9e commit 3226a37
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion NEWS.md
Expand Up @@ -115,7 +115,8 @@ OpenSSL 3.0
RC4, RC5 and SEED cipher functions have been deprecated.
* All of the low-level DH, DSA, ECDH, ECDSA and RSA public key functions
have been deprecated.
* SSL 3, TLS 1.0, TLS 1.1, and DTLS 1.0 only work at security level 0.
* SSL 3, TLS 1.0, TLS 1.1, and DTLS 1.0 only work at security level 0,
except when RSA key exchange without SHA1 is used.
* Added providers, a new pluggability concept that will replace the
ENGINE API and ENGINE implementations.
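
Review bot: The exception clause added to the "SSL 3, TLS 1.0, TLS 1.1, and DTLS 1.0" entry does not say at which security level the exception applies, so "only work at security level 0, except when RSA key exchange without SHA1 is used" can be read either as "also work above level 0" or as "do not work at level 0". The commit message is more precise: suites using RSA key exchange without SHA1 were permitted at security level 1. Suggest carrying that into the entry, for example "only work at security level 0, except that ciphersuites using RSA key exchange without SHA1 are also permitted at security level 1", so that someone setting a security level can tell from NEWS.md alone which legacy-protocol suites remain enabled at level 1.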
