projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
add an explanation and fix a typo
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index 89ec06fe8565ceeb4a71bc807eadaa69eaa97dac..06e5677a66d67b9cbf0a6c2f6945dd307302d036 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -101,6 +101,15 @@
  
  Changes between 0.9.6e and 0.9.7  [XX xxx 2002]
 
+  *) Add cipher selection rules COMPLEMENTOFALL and COMPLEMENTOFDEFAULT
+     to allow version independent disabling of normally unselected ciphers,
+     which may be activated as a side-effect of selecting a single cipher.
+
+     (E.g., cipher list string "RSA" enables ciphersuites that are left
+     out of "ALL" because they do not provide symmetric encryption.
+     "RSA:!COMPLEMEMENTOFALL" avoids these unsafe ciphersuites.)
+     [Lutz Jaenicke, Bodo Moeller]
+
   *) Add appropriate support for separate platform-dependent build
      directories.  The recommended way to make a platform-dependent
      build directory is the following (tested on Linux), maybe with
Unnamed repository; edit this file 'description' to name the repository.