Skip to content
Browse files

Amendments + reordering

add IDN etc. -support and David's work on determine_optimal_* functions
  • Loading branch information...
drwetter committed Nov 2, 2019
1 parent e909d4c commit 35f70f23751433e0e6ca96750344b4e29989c899
Showing with 7 additions and 5 deletions.
  1. +7 −5
@@ -19,27 +19,29 @@
* PFS: Display of elliptical curves supported, DH and FFDHE groups (TLS 1.2 + TLS 1.3)
* Check for session resumption (Ticket, ID)
* TLS Robustness check (GREASE)
* Server preference distinguishes between TLS 1.3 and lower protocols
* Does a few startup checks which make later tests easier and faster (determine_optimal_\*() )
* Expect-CT Header Detection
* `--phone-out` does certificate revocation checks via OCSP (LDAP+HTTP) and with CRL
* `--phone-out` checks whether the private key has been compromised via
* Fully OpenBSD and LibreSSL support
* Missing SAN warning
* Added support for private CAs
* Man page reviewed
* Better error msg suppression (not fully installed OpenSSL)
* Way better handling of connectivity problems
* Fixed TCP fragmentation
* Added `--ids-friendly` switch
* Exit codes better: 0 for running without error, 1+n for small errors, >240 for major errors.
* Better error msg suppression (not fully installed OpenSSL)
* Dockerfile and repo @ docker hub with that file (see above)
* Java Root CA store added
* Better support for XMPP via STARTTLS & faster
* Certificate check for to-name in stream of XMPP
* Support for NNTP via STARTTLS
* Support for SNI and STARTTLS
* More robustness for any STARTTLS protocol (fall back to plaintext while in TLS)
* Fixed TCP fragmentation
* Added `--ids-friendly` switch
* Major update of client simulations with self-collected data

* IDN/IDN2 and emoji URI support (supposed libidn/idn2 is installed and DNS resolver is recent)
* Man page reviewed

### Features implemented in 2.9.5

0 comments on commit 35f70f2

Please sign in to comment.
You can’t perform that action at this time.