mirror of
https://github.com/golang/go
synced 2024-11-26 23:11:24 -07:00
doc/go1.15: add more release notes for crypto/tls
Updates #37419 Change-Id: I5e03adbf6d215d65aedbdeb7bdfe1ead8a838877 Reviewed-on: https://go-review.googlesource.com/c/go/+/236921 Reviewed-by: Katie Hockman <katie@golang.org>
This commit is contained in:
parent
8891b82332
commit
bddf75d888
@ -463,8 +463,27 @@ TODO
|
|||||||
Auto-generated session ticket keys are now automatically rotated every 24 hours,
|
Auto-generated session ticket keys are now automatically rotated every 24 hours,
|
||||||
with a lifetime of 7 days, to limit their impact on forward secrecy.
|
with a lifetime of 7 days, to limit their impact on forward secrecy.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
|
<p><!-- CL 231317 -->
|
||||||
|
Session ticket lifetimes in TLS 1.2 and earlier, where the session keys
|
||||||
|
are reused for resumed connections, are now limited to 7 days, also to
|
||||||
|
limit their impact on forward secrecy.
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<p><!-- CL 231038 -->
|
||||||
|
The client-side downgrade protection checks specified in RFC 8446 are now
|
||||||
|
enforced. This has the potential to cause connection errors for clients
|
||||||
|
encountering middleboxes that behave like unauthorized downgrade attacks.
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<p><!-- CL 208226 -->
|
||||||
|
<a href="/pkg/crypto/tls/#SignatureScheme"><code>SignatureScheme</code></a>,
|
||||||
|
<a href="/pkg/crypto/tls/#CurveID"><code>CurveID</code></a>, and
|
||||||
|
<a href="/pkg/crypto/tls/#ClientAuthType"><code>ClientAuthType</code></a>
|
||||||
|
now implement <a href="/pkg/fmt/#Stringer"><code>fmt.Stringer</code></a>.
|
||||||
|
</p>
|
||||||
</dd>
|
</dd>
|
||||||
</dl>
|
</dl><!-- crypto/tls -->
|
||||||
|
|
||||||
<dl id="crypto/x509"><dt><a href="/pkg/crypto/x509/">crypto/x509</a></dt>
|
<dl id="crypto/x509"><dt><a href="/pkg/crypto/x509/">crypto/x509</a></dt>
|
||||||
<dd>
|
<dd>
|
||||||
|
Loading…
Reference in New Issue
Block a user