summaryrefslogtreecommitdiff
path: root/doc/doc-txt/ChangeLog
diff options
context:
space:
mode:
authorPhil Pennock <pdp@exim.org>2016-05-29 02:31:18 -0400
committerPhil Pennock <pdp@exim.org>2016-10-08 19:23:37 -0400
commit317e40ac8b1b816f4a22620a5647c6258de61598 (patch)
tree46f3796e23ecca09e0992b1a25eadaf8d062a466 /doc/doc-txt/ChangeLog
parentae5afa61184b6c9b39f58804032b32b42e3ba44e (diff)
DH parameters update, new values & defaultexim-4_88_RC2
* Add three new Exim-specific DH parameter constants; state provenance, but no way for others to verify; this is a signed commit, which is about as much as we can do for the truly paranoid: provide an audit trail. * Add the RFC 7919 DH primes + No TLS feature negotiation, per 7919, but the DH primes can be used if folks so choose * Fixed broken format string in util/gen_pkcs3.c * Tried to make gen_pkcs3.c support q values. + Turns out, q doesn't affect the PEM and that's not a mistake in my initialisation; I've checked with a cryptographer, we're losing some server-side optimizations but not any security properties for our scenario. Fixes: 1895
Diffstat (limited to 'doc/doc-txt/ChangeLog')
-rw-r--r--doc/doc-txt/ChangeLog3
1 files changed, 3 insertions, 0 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 80ea2105d..c68e45ce8 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -114,6 +114,9 @@ JH/29 Fix the connection_reject log selector to apply to the connect ACL.
JH/30 Bug 1897: fix callouts connection fallback from TLS to cleartext.
+PP/01 Changed default Diffie-Hellman parameters to be Exim-specific, created
+ by me. Added RFC7919 DH primes as an alternative.
+
Exim version 4.87
-----------------