From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Tue, 13 Mar 2018 10:11:52 +0000 (+0100)
Subject: doc update
X-Git-Tag: gnutls_3_6_3~194^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c21c85550f6beb00d11ebd59cbcf3bcd2ccf926d;p=thirdparty%2Fgnutls.git

doc update

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---

diff --git a/NEWS b/NEWS
index 6c2c7f7acb..064f8590ea 100644
--- a/NEWS
+++ b/NEWS
@@ -11,7 +11,7 @@ See the end for copying conditions.
    mode, i.e., strict vs a more lax mode which will allow certain non FIPS140-2
    operations.
 
-** libgnutls: Introduced support for draft-ietf-tls-tls13-23. It includes version
+** libgnutls: Introduced support for draft-ietf-tls-tls13-26. It includes version
    negotiation, post handshake authentication, length hiding, multiple OCSP support,
    consistent ciphersuite support across protocols, hello retry requests, ability
    to adjust key shares via gnutls_init() flags, certificate authorities extension,
@@ -29,6 +29,10 @@ See the end for copying conditions.
 ** libgnutls: gnutls_privkey_import_ext4() was enhanced with the
    GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS flag.
 
+** libgnutls: on group exchange honor the %SERVER_PRECEDENCE and select the groups
+   which are preferred by the server. That unfortunately has complicated semantics
+   as TLS1.2 requires specific ordering of the groups based on the ciphersuite ordering,
+   making group order unpredictable under TLS1.3.
 
 ** API and ABI modifications:
 gnutls_fips140_set_mode: Added