GnuTLS: lose DH-param setup, for recent library versions where no longer needed

author: Jeremy Harris <jgh146exb@wizmail.org> 2019-10-06 15:36:25 +0100
committer: Jeremy Harris <jgh146exb@wizmail.org> 2019-10-06 15:52:28 +0100
commit: 49132a3bb5c65364b1d9cc5b405bd0ef046e7828 (patch)
tree: 23d9d924eea651546d31d9b4ad3eaf396f34ddaa /doc/doc-docbook/spec.xfpt
parent: cd09f70da516de12a3a97f527fb23178d8c07826 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 3afc62989..c0c7bdc80 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -17736,7 +17736,14 @@ larger prime than requested.
 The value of this option is expanded and indicates the source of DH parameters
 to be used by Exim.
 
-&*Note: The Exim Maintainers strongly recommend using a filename with site-generated
+.new
+&*Note: This option is ignored for GnuTLS version 3.6.0 and later.
+The library manages parameter negitiation internally.
+.wen
+
+&*Note: The Exim Maintainers strongly recommend,
+for other TLS braries,
+using a filename with site-generated
 local DH parameters*&, which has been supported across all versions of Exim.  The
 other specific constants available are a fallback so that even when
 "unconfigured", Exim can offer Perfect Forward Secrecy in older ciphersuites in TLS.
author	Jeremy Harris <jgh146exb@wizmail.org>	2019-10-06 15:36:25 +0100
committer	Jeremy Harris <jgh146exb@wizmail.org>	2019-10-06 15:52:28 +0100
commit	49132a3bb5c65364b1d9cc5b405bd0ef046e7828 (patch)
tree	23d9d924eea651546d31d9b4ad3eaf396f34ddaa /doc/doc-docbook/spec.xfpt
parent	cd09f70da516de12a3a97f527fb23178d8c07826 (diff)