diff --git a/CHANGES b/CHANGES index 303e09d526ab03d283bb76afb3ecd546b4217ba4..464149d621ea70713f8334c40f5510839d4e97f0 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,11 @@ Changes between 0.9.7 and 0.9.8 [xx XXX 2002] + *) Implement compute_wNAF (crypto/ec/ec_mult.c) without BIGNUM + arithmetic, and such that modified wNAFs are generated + (which avoid length expansion in many cases). + [Bodo Moeller] + *) Add a function EC_GROUP_check_discriminant() (defined via EC_METHOD) that verifies that the curve discriminant is non-zero. @@ -1057,9 +1062,16 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k *) Update Rijndael code to version 3.0 and change EVP AES ciphers to handle the new API. Currently only ECB, CBC modes supported. Add new - AES OIDs. Add TLS AES ciphersuites as described in the "AES Ciphersuites - for TLS" draft-ietf-tls-ciphersuite-03.txt. - [Ben Laurie, Steve Henson] + AES OIDs. + + Add TLS AES ciphersuites as described in the "AES Ciphersuites + for TLS" draft-ietf-tls-ciphersuite-03.txt. As these are not yet + official, they are not enabled by default and are not even part + of the "ALL" ciphersuite alias; for now, they must be explicitly + requested by specifying the new "AESdraft" ciphersuite alias. If + you want the default ciphersuite list plus the new ciphersuites, + use "DEFAULT:AESdraft:@STRENGTH". + [Ben Laurie, Steve Henson, Bodo Moeller] *) New function OCSP_copy_nonce() to copy nonce value (if present) from request to response. diff --git a/NEWS b/NEWS index 3850f59605b8690841af007b6ad82c3375f6bacf..bf8f031a29b79d67f66ab8263a7ef26133050994 100644 --- a/NEWS +++ b/NEWS @@ -38,6 +38,7 @@ o SSL/TLS: support Kerberos cipher suites (RFC2712). o SSL/TLS: allow more precise control of renegotiations and sessions. o SSL/TLS: add callback to retrieve SSL/TLS messages. + o SSL/TLS: add draft AES ciphersuites (disabled unless explicitly requested). Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d: