diff options
author | Filippo Valsorda <filippo@golang.org> | 2020-06-08 13:58:12 -0400 |
---|---|---|
committer | Filippo Valsorda <filippo@golang.org> | 2020-06-08 20:27:08 +0000 |
commit | bddf75d88859b8454f67de32510d8488329d0f2b (patch) | |
tree | b18212c4c25297bcc15201f914cd12bb69ae4f94 /doc | |
parent | 8891b82332de4afa23f935b58263d08a3a5c6d95 (diff) | |
download | go-bddf75d88859b8454f67de32510d8488329d0f2b.tar.gz go-bddf75d88859b8454f67de32510d8488329d0f2b.zip |
doc/go1.15: add more release notes for crypto/tls
Updates #37419
Change-Id: I5e03adbf6d215d65aedbdeb7bdfe1ead8a838877
Reviewed-on: https://go-review.googlesource.com/c/go/+/236921
Reviewed-by: Katie Hockman <katie@golang.org>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/go1.15.html | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/doc/go1.15.html b/doc/go1.15.html index 1e39493cba..7a49e1fa1f 100644 --- a/doc/go1.15.html +++ b/doc/go1.15.html @@ -463,8 +463,27 @@ TODO Auto-generated session ticket keys are now automatically rotated every 24 hours, with a lifetime of 7 days, to limit their impact on forward secrecy. </p> + + <p><!-- CL 231317 --> + Session ticket lifetimes in TLS 1.2 and earlier, where the session keys + are reused for resumed connections, are now limited to 7 days, also to + limit their impact on forward secrecy. + </p> + + <p><!-- CL 231038 --> + The client-side downgrade protection checks specified in RFC 8446 are now + enforced. This has the potential to cause connection errors for clients + encountering middleboxes that behave like unauthorized downgrade attacks. + </p> + + <p><!-- CL 208226 --> + <a href="/pkg/crypto/tls/#SignatureScheme"><code>SignatureScheme</code></a>, + <a href="/pkg/crypto/tls/#CurveID"><code>CurveID</code></a>, and + <a href="/pkg/crypto/tls/#ClientAuthType"><code>ClientAuthType</code></a> + now implement <a href="/pkg/fmt/#Stringer"><code>fmt.Stringer</code></a>. + </p> </dd> -</dl> +</dl><!-- crypto/tls --> <dl id="crypto/x509"><dt><a href="/pkg/crypto/x509/">crypto/x509</a></dt> <dd> |