File tree Expand file tree Collapse file tree 1 file changed +10
-0
lines changed Expand file tree Collapse file tree 1 file changed +10
-0
lines changed Original file line number Diff line number Diff line change @@ -296,6 +296,16 @@ <h3><a class="mozTocH3" name="mozTocId3413"></a>Notes:</h3>
296
296
297
297
< h4 > < a class ="mozTocH4 " name ="mozTocId85317 "> </ a > Release 1.8.3, TBD</ h4 >
298
298
299
+ < h5 > IMPORTANT</ h5 >
300
+ < ul >
301
+ < li >
302
+ In this release, the TLS library has moved to a whitelisting approach for client-side validation of server-presented
303
+ Diffie-Hellman (DH) parameters. In the default configuration, if a ciphersuite using ephemeral DH is selected by the
304
+ server, the client will abort the handshake if the proposed DH group is not one of those specified in RFC 3526 or RFC 7919,
305
+ or if the DH prime is < 2048 bits. The client therefore no longer offers DH ciphersuites by default.
306
+ </ li >
307
+ </ ul >
308
+
299
309
< h5 > Additional Features and Functionality</ h5 >
300
310
< ul >
301
311
< li > Further work has been done on improving SHA-3 performance.</ li >
You can’t perform that action at this time.
0 commit comments