mbedtls/ChangeLog.d/tls13-reorder-ciphersuite-preference-list.txt

Default behavior changes
   * The default priority order of TLS 1.3 cipher suites has been modified to
     follow the same rules as the TLS 1.2 cipher suites (see
     ssl_ciphersuites.c). The preferred cipher suite is now
     TLS_CHACHA20_POLY1305_SHA256.

Bugfix
   * In the TLS 1.3 server, select the preferred client cipher suite, not the
     least preferred. The selection error was introduced in Mbed TLS 3.3.0.
   * Fix TLS 1.3 session resumption when the established pre-shared key is
     384 bits long. That is the length of pre-shared keys created under a
     session where the cipher suite is TLS_AES_256_GCM_SHA384.
Add change log Signed-off-by: Ronald Cron <ronald.cron@arm.com> 2023-02-17 15:49:03 +01:00			`Default behavior changes`
			`* The default priority order of TLS 1.3 cipher suites has been modified to`
			`follow the same rules as the TLS 1.2 cipher suites (see`
Fix and improve documentation, comments and logs Signed-off-by: Ronald Cron <ronald.cron@arm.com> 2023-02-21 08:53:33 +01:00			`ssl_ciphersuites.c). The preferred cipher suite is now`
			`TLS_CHACHA20_POLY1305_SHA256.`
Add change log Signed-off-by: Ronald Cron <ronald.cron@arm.com> 2023-02-17 15:49:03 +01:00
			`Bugfix`
Fix and improve documentation, comments and logs Signed-off-by: Ronald Cron <ronald.cron@arm.com> 2023-02-21 08:53:33 +01:00			`* In the TLS 1.3 server, select the preferred client cipher suite, not the`
			`least preferred. The selection error was introduced in Mbed TLS 3.3.0.`
Add change log Signed-off-by: Ronald Cron <ronald.cron@arm.com> 2023-02-17 15:49:03 +01:00			`* Fix TLS 1.3 session resumption when the established pre-shared key is`
			`384 bits long. That is the length of pre-shared keys created under a`
			`session where the cipher suite is TLS_AES_256_GCM_SHA384.`