Document RFC 7525 changes

author William A. Rowe Jr <wrowe@apache.org>

Thu, 14 May 2015 19:01:08 +0000 (19:01 +0000)

committer William A. Rowe Jr <wrowe@apache.org>

Thu, 14 May 2015 19:01:08 +0000 (19:01 +0000)
author William A. Rowe Jr <wrowe@apache.org>
Thu, 14 May 2015 19:01:08 +0000 (19:01 +0000)
committer William A. Rowe Jr <wrowe@apache.org>
Thu, 14 May 2015 19:01:08 +0000 (19:01 +0000)
diff --git a/CHANGES b/CHANGES

index eccd9ae5c558e9efb9dfb32586b45abaa142f6ab..60ab61aaa19e1e5db679322b54c3f545b77840f2 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,14 @@
                                                           -*- coding: utf-8 -*-
  Changes with Apache 2.5.0
  
+  *) In alignment with RFC 7525, the default recommended SSLCipherSuite
+     and SSLProxyCipherSuite now exclude RC4 as well as MD5.  Existing
+     configurations must be adjusted by the administrator. [William Rowe]
+
+  *) In alignment with RFC 7525, the default recommended SSLProtocol and
+     SSLProxyProtocol directives now excludes SSLv3.  Existing configurations
+     must be adjusted by the administrator. [William Rowe]
+
    *) mod_authn_dbd, mod_authz_dbd, mod_session_dbd, mod_rewrite: Fix lifetime
       of DB lookup entries independently of the selected DB engine.  PR 46421.
       [Steven whitson <steven.whitson gmail com>, Jan Kaluza, Yann Ylavic].
author	William A. Rowe Jr <wrowe@apache.org>
	Thu, 14 May 2015 19:01:08 +0000 (19:01 +0000)
committer	William A. Rowe Jr <wrowe@apache.org>
	Thu, 14 May 2015 19:01:08 +0000 (19:01 +0000)