From: Joe Orton <jorton@apache.org>
Date: Thu, 26 Jun 2014 15:54:34 +0000 (+0000)
Subject: - note tweak to DH parameter sizes used in r1605827;
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9573e79c8bb379afea12a48c88f766d778d6c5d5;p=thirdparty%2Fapache%2Fhttpd.git

- note tweak to DH parameter sizes used in r1605827;
  dropped the date reference here since it would no longer
  be accurate.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1605829 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml
index 2f4a6cfb178..fd365ba489a 100644
--- a/docs/manual/mod/mod_ssl.xml
+++ b/docs/manual/mod/mod_ssl.xml
@@ -843,8 +843,8 @@ are applied independently of the authentication algorithm type.</p>
 <note>
 <title>DH parameter interoperability with primes > 1024 bit</title>
 <p>
-Beginning with version 2.5.0-dev as of 2013-09-29, mod_ssl makes use of
-standardized DH parameters with prime lengths of 2048, 3072 and 4096 bits
+Beginning with version 2.5.0-dev, mod_ssl makes use of
+standardized DH parameters with prime lengths of 2048, 3072 and 4096, 6144 and 8192 bits
 (from <a href="http://www.ietf.org/rfc/rfc3526.txt">RFC 3526</a>), and hands
 them out to clients based on the length of the certificate's RSA/DSA key.
 With Java-based clients in particular (Java 7 or earlier), this may lead