Disable RC4.

[tlsproxy/tlsproxy.git] / NEWS

diff --git a/NEWS b/NEWS
index 5bf933b2a85f1d405162552ba554e465ce17953d..3078a208bb2529cb4f210d879438d26a40d5ffad 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -11,7 +11,13 @@ NEWS
 
     certtool --generate-dh-params --sec-param high --outfile proxy-dh.pem
 
+- Use "SECURE" (replacing "NORMAL") as GnuTLS priority string which disallows
+  insecure algorithms.
 - Add -a option, authentication for tlsproxy via basic digest authentication.
+- Add new debug level (-d 3) for even more debug output, including information
+  about the current TLS session.
+- Allow rehandshakes for server connections (%SAFE_RENEGOTIATION is forced to
+  prevent security issues).
 - Use pre-generated Diffie-Hellman parameters in proxy-dh.pem.
 - Code cleanup.
 - Better error handling.