diff options
author | Russ Cox <rsc@golang.org> | 2022-07-28 13:06:28 -0400 |
---|---|---|
committer | Russ Cox <rsc@golang.org> | 2022-07-28 21:13:04 +0000 |
commit | 5c8ec89cb53025bc76b242b0d2410bf5060b697e (patch) | |
tree | 7651c550537f0557683f0f141494fbdf52719fdd | |
parent | 417be37048d07532397a7db89eeee9d249564560 (diff) | |
download | go-5c8ec89cb53025bc76b242b0d2410bf5060b697e.tar.gz go-5c8ec89cb53025bc76b242b0d2410bf5060b697e.zip |
doc/go1.19: minor adjustments and links
A few last-minute clarifications before the release.
Change-Id: Ia0123441633c147aa3f76ea29ed26c7722e2416c
Reviewed-on: https://go-review.googlesource.com/c/go/+/419994
Reviewed-by: Ian Lance Taylor <iant@google.com>
-rw-r--r-- | doc/go1.19.html | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/doc/go1.19.html b/doc/go1.19.html index e308affa7c..fc0ef11e3f 100644 --- a/doc/go1.19.html +++ b/doc/go1.19.html @@ -31,7 +31,8 @@ Do not send CLs removing the interior tags from such phrases. <h2 id="mem">Memory Model</h2> <p><!-- https://go.dev/issue/50859 --> - The <a href="/ref/mem">Go memory model</a> has been revised to align Go with + The <a href="/ref/mem">Go memory model</a> has been + <a href="https://research.swtch.com/gomm">revised</a> to align Go with the memory model used by C, C++, Java, JavaScript, Rust, and Swift. Go only provides sequentially consistent atomics, not any of the more relaxed forms found in other languages. Along with the memory model update, @@ -378,11 +379,17 @@ as well as support for rendering them to HTML, Markdown, and text. <p><!-- CL 391554 --><!-- CL 387554 --> The <a href="/pkg/crypto/rand/#Prime"><code>Prime</code></a> - implementation was simplified. This will lead to different outputs for the - same random stream compared to the previous implementation. The internals - of <code>Prime</code> are not stable, should not be relied upon not to - change, and the output is now intentionally non-deterministic with respect - to the input stream. + implementation was changed to use only rejection sampling, + which removes a bias when generating small primes in non-cryptographic contexts, + removes one possible minor timing leak, + and better aligns the behavior with BoringSSL, + all while simplifying the implementation. + The change does produce different outputs for a given random source + stream compared to the previous implementation, + which can break tests written expecting specific results from + specific deterministic random sources. + To help prevent such problems in the future, + the implementation is now intentionally non-deterministic with respect to the input stream. </p> </dd> </dl><!-- crypto/rand --> @@ -390,7 +397,7 @@ as well as support for rendering them to HTML, Markdown, and text. <dl id="crypto/tls"><dt><a href="/pkg/crypto/tls/">crypto/tls</a></dt> <dd> <p><!-- CL 400974 --><!-- https://go.dev/issue/45428 --> - The <code>tls10default</code> <code>GODEBUG</code> option has been + The <code>GODEBUG</code> option <code>tls10default=1</code> has been removed. It is still possible to enable TLS 1.0 client-side by setting <a href="/pkg/crypto/tls#Config.MinVersion"><code>Config.MinVersion</code></a>. </p> @@ -421,7 +428,7 @@ as well as support for rendering them to HTML, Markdown, and text. </p> <p><!-- CL 396774 --> - Removal of the <code>x509sha1=1</code> <code>GODEBUG</code> option, + Removal of the <code>GODEBUG</code> option<code>x509sha1=1</code>, originally planned for Go 1.19, has been rescheduled to a future release. Applications using it should work on migrating. Practical attacks against SHA-1 have been demonstrated since 2017 and publicly trusted Certificate |