Update ChangeLog and migration guide
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
9371a40476
commit
3b5a7c198c
2 changed files with 27 additions and 8 deletions
|
@ -1,11 +1,14 @@
|
|||
Removals
|
||||
* Remove the TLS 1.0, TLS 1.1 and DTLS 1.0 support by removing the following
|
||||
library constants: MBEDTLS_SSL_PROTO_TLS1,
|
||||
MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_CBC_RECORD_SPLITTING,
|
||||
* Remove support for TLS 1.0, TLS 1.1 and DTLS 1.0, as well as support for
|
||||
CBC record splitting, fallback SCSV, and the ability to configure
|
||||
ciphersuites per version, which are no longer relevant. This removes the
|
||||
following public constants: MBEDTLS_SSL_PROTO_TLS1,
|
||||
MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
MBEDTLS_SSL_MINOR_VERSION_2, MBEDTLS_SSL_CBC_RECORD_SPLITTING,
|
||||
MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED,
|
||||
MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED,
|
||||
MBEDTLS_SSL_FALLBACK_SCSV, MBEDTLS_SSL_FALLBACK_SCSV_VALUE,
|
||||
MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK, and functions:
|
||||
MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK; and functions:
|
||||
mbedtls_ssl_conf_cbc_record_splitting(),
|
||||
mbedtls_ssl_get_key_exchange_md_ssl_tls(), mbedtls_ssl_conf_fallback().
|
||||
Fixes #4286.
|
||||
mbedtls_ssl_get_key_exchange_md_ssl_tls(), mbedtls_ssl_conf_fallback(),
|
||||
mbedtls_ssl_conf_ciphersuites_for_version(). Fixes #4286.
|
||||
|
|
|
@ -3,9 +3,25 @@ Remove suport for TLS 1.0, 1.1 and DTLS 1.0
|
|||
|
||||
This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols.
|
||||
|
||||
The versions of (D)TLS that are being removed are not as secure as the latest
|
||||
versions. Keeping them in the library creates opportunities for misconfiguration
|
||||
These versions have been deprecated by RFC 8996.
|
||||
Keeping them in the library creates opportunities for misconfiguration
|
||||
and possibly downgrade attacks. More generally, more code means a larger attack
|
||||
surface, even if the code is supposedly not used.
|
||||
|
||||
The migration path is to adopt the latest versions of the protocol.
|
||||
|
||||
As a consequence of removing 1.0, support for CBC record splitting was also
|
||||
removed, as it was a work-around for a weakness in this particular version.
|
||||
There is no migration path is no longer makes sense with newer versions.
|
||||
|
||||
As a consequence of currently supporting only one version of (D)TLS (and in the
|
||||
future 1.3 which will have a different version negociation mechanism), support
|
||||
for fallback SCSV (RFC 7507) was also removed. There is no migration path as
|
||||
it's no longer useful with TLS 1.2 and later.
|
||||
|
||||
As a consequence of currently supporting only one version of (D)TLS (and in the
|
||||
future 1.3 which will have a different concept of ciphersuites), support for
|
||||
configuring ciphersuites separately for each version via
|
||||
`mbedtls_ssl_conf_ciphersuites_for_version()` was removed. Use
|
||||
`mbedtls_ssl_conf_ciphersuites()` to configure ciphersuites to use with (D)TLS
|
||||
1.2; in the future a different API will be added for (D)TLS 1.3.
|
||||
|
|
Loading…
Reference in a new issue