From 3e8d1983b35662a45c6c5d887a6afd7a282bffe6 Mon Sep 17 00:00:00 2001 From: Dirk Date: Mon, 20 Jan 2020 12:49:49 +0100 Subject: [PATCH] reorder / rephrase some points --- CHANGELOG.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b5ca05bc..289f81aa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,7 @@ ## Change Log -### Features implemented in 3.0 +### Features implemented / improvements in 3.0 * Full support of TLS 1.3, shows also drafts supported * Extended protocol downgrade checks @@ -40,22 +40,24 @@ * Exit codes better: 0 for running without error, 1+n for small errors, >240 for major errors. * Better error msg suppression (not fully installed OpenSSL) * Better parsing of HTTP headers & better output of longer HTTP headers +* Display more HTTP security headers * HTTP Basic Auth support for HTTP header -* "eTLS" detection +* experimental "eTLS" detection * Dockerfile and repo @ docker hub with that file (see above) * Java Root CA store added * Better support for XMPP via STARTTLS & faster * Certificate check for to-name in stream of XMPP * Support for NNTP and LMTP via STARTTLS, fixes for MySQL and PostgresQL * Support for SNI and STARTTLS -* More robustness for any STARTTLS protocol (fall back to plaintext while in TLS) +* More robustness for any STARTTLS protocol (fall back to plaintext while in TLS caused problems) +* Renegotiation checks improved, also no false potive for Node.js anymore * Major update of client simulations with self-collected up-to-date data * Update of CA certificate stores * Lots of bug fixes * More travis/CI checks -- still place for improvements * Man page reviewed -### Features implemented in 2.9.5 +### Features implemented / improvements in 2.9.5 * Way better coverage of ciphers as most checks are done via bash sockets where ever possible * Further tests via TLS sockets and improvements (handshake parsing, completeness, robustness)