diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-10-15 15:21:27 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-10-16 09:52:30 +0200 |
commit | ee83078f806d5ca6eccdbfd84371179589a37570 (patch) | |
tree | 17ec92a81a18920ed46b1928bf6dd87a5f41c026 /doc/cha-gtls-app.texi | |
parent | 2e966a134b6d072dbcfe06daa8cc79ecd91b7602 (diff) | |
download | gnutls-ee83078f806d5ca6eccdbfd84371179589a37570.tar.gz |
updated documentation for SSL 3.0 removal
Diffstat (limited to 'doc/cha-gtls-app.texi')
-rw-r--r-- | doc/cha-gtls-app.texi | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index 4cdbd54d7c..805c0b51c5 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -988,7 +988,7 @@ algorithms to be enabled. @end float Unless the initial keyword is "NONE" the defaults (in preference -order) are for TLS protocols TLS 1.2, TLS1.1, TLS1.0, SSL3.0; for +order) are for TLS protocols TLS 1.2, TLS1.1, TLS1.0; for compression NULL; for certificate types X.509. In key exchange algorithms when in NORMAL or SECURE levels the perfect forward secrecy algorithms take precedence of the other @@ -1050,8 +1050,8 @@ GCM ciphers only). All algorithms from NORMAL priority can be accessed with MAC- COMP-NULL, COMP-DEFLATE. Catch all is COMP-ALL. @item TLS versions @tab -VERS-SSL3.0, VERS-TLS1.0, VERS-TLS1.1, -VERS-TLS1.2, VERS-DTLS1.2, VERS-DTLS1.0. +VERS-TLS1.0, VERS-TLS1.1, VERS-TLS1.2, +VERS-DTLS1.0, VERS-DTLS1.2. Catch all is VERS-TLS-ALL and VERS-DTLS-ALL. @item Signature algorithms @tab @@ -1195,8 +1195,8 @@ Specifying RSA with AES-128-CBC: Specifying the defaults except ARCFOUR-128: "NORMAL:-ARCFOUR-128" -Enabling the 128-bit secure ciphers, while disabling SSL 3.0 and enabling compression: - "SECURE128:-VERS-SSL3.0:+COMP-DEFLATE" +Enabling the 128-bit secure ciphers, while disabling TLS 1.0 and enabling compression: + "SECURE128:-VERS-TLS1.0:+COMP-DEFLATE" Enabling the 128-bit and 192-bit secure ciphers, while disabling all TLS versions except TLS 1.2: @@ -1587,7 +1587,7 @@ options that are known to cause compatibility problems, is shown below. NORMAL:%COMPAT @end verbatim -For broken peers that do not tolerate TLS version numbers over TLS 1.0 +For very old broken peers that do not tolerate TLS version numbers over TLS 1.0 another priority string is: @verbatim NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+VERS-SSL3.0:%COMPAT |