Mention new NSM warnings

author: Lars Ingebrigtsen 2019-08-23 04:54:42 +0200
committer: Lars Ingebrigtsen 2019-08-23 04:54:42 +0200
commit: ac77e62b23a2745bdb0dab41f5e91002b67ed4f1 (patch)
tree: 5f7d71fa73821f82a24d3380f8c480b032778d69
parent: 53cb3d3e0ddb666dc5b7774957ca863c668213cb (diff)
download: emacs-ac77e62b23a2745bdb0dab41f5e91002b67ed4f1.tar.gz
emacs-ac77e62b23a2745bdb0dab41f5e91002b67ed4f1.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/etc/NEWS b/etc/NEWS
index a4a11cc787a..cd474640392 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -275,7 +275,8 @@ variable.
 +++
 ** TLS connections have their security tightened by default.
 Most of the checks for outdated, believed-to-be-weak TLS algorithms
-and ciphers are now switched on by default.  By default, the NSM will
+and ciphers are now switched on by default.  (In addition, several new
+TLS weaknesses are now warned about.)  By default, the NSM will
 flag connections using these weak algorithms and ask users whether to
 allow them.  To get the old behavior back (where certificates are
 checked for validity, but no warnings about weak cryptography are
author	Lars Ingebrigtsen	2019-08-23 04:54:42 +0200
committer	Lars Ingebrigtsen	2019-08-23 04:54:42 +0200
commit	ac77e62b23a2745bdb0dab41f5e91002b67ed4f1 (patch)
tree	5f7d71fa73821f82a24d3380f8c480b032778d69
parent	53cb3d3e0ddb666dc5b7774957ca863c668213cb (diff)
download	emacs-ac77e62b23a2745bdb0dab41f5e91002b67ed4f1.tar.gz emacs-ac77e62b23a2745bdb0dab41f5e91002b67ed4f1.zip

diff --git a/etc/NEWS b/etc/NEWS index a4a11cc787a..cd474640392 100644 --- a/etc/NEWS +++ b/etc/NEWS
@@ -275,7 +275,8 @@ variable.
275	+++	275	+++
276	** TLS connections have their security tightened by default.	276	** TLS connections have their security tightened by default.
277	Most of the checks for outdated, believed-to-be-weak TLS algorithms	277	Most of the checks for outdated, believed-to-be-weak TLS algorithms
278	and ciphers are now switched on by default. By default, the NSM will	278	and ciphers are now switched on by default. (In addition, several new
		279	TLS weaknesses are now warned about.) By default, the NSM will
279	flag connections using these weak algorithms and ask users whether to	280	flag connections using these weak algorithms and ask users whether to
280	allow them. To get the old behavior back (where certificates are	281	allow them. To get the old behavior back (where certificates are
281	checked for validity, but no warnings about weak cryptography are	282	checked for validity, but no warnings about weak cryptography are