From ac77e62b23a2745bdb0dab41f5e91002b67ed4f1 Mon Sep 17 00:00:00 2001 From: Lars Ingebrigtsen Date: Fri, 23 Aug 2019 04:54:42 +0200 Subject: [PATCH] Mention new NSM warnings --- etc/NEWS | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/etc/NEWS b/etc/NEWS index a4a11cc787a..cd474640392 100644 --- a/etc/NEWS +++ b/etc/NEWS @@ -275,7 +275,8 @@ variable. +++ ** TLS connections have their security tightened by default. Most of the checks for outdated, believed-to-be-weak TLS algorithms -and ciphers are now switched on by default. By default, the NSM will +and ciphers are now switched on by default. (In addition, several new +TLS weaknesses are now warned about.) By default, the NSM will flag connections using these weak algorithms and ask users whether to allow them. To get the old behavior back (where certificates are checked for validity, but no warnings about weak cryptography are -- 2.39.2