Modify CHANGES [GL #2796]

Mention the new "tls" options in the CHANGES file.

diff --git a/CHANGES b/CHANGES
index 1ac9a627ac1ed2271eafe3f3c52d31cf293a8a6c..0ee3ee69771f3188de60a2e021b2d16320583520 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,18 @@
+5729.  [func]          Allow finer control over the TLS protocol by
+                       implementing more options within "tls" clauses, namely:
+                       - Diffie-Hellman parameters via
+                         'dhparam-file "<path_to_file>";'
+                       - OpenSSL cipher list string via
+                         'ciphers "<cipher_list>";'
+                       - Server or client ciphers preference via
+                         'prefer-server-ciphers yes|no;'
+                       - Ability to explicitly enable or disable stateless
+                         TLS session tickets via 'session-tickets yes|no;'
+                       The options are enough to implement perfect forward
+                       secrecy in DNS-over-TLS, DNS-over-HTTPS transports.
+                       Most of these options were no-op before this
+                       change. [GL #2796]
+
 5728.  [func]          Allow specifying supported TLS protocol
                        versions within "tls" clauses
                        (e.g. protocols { TLSv1.2; TLSv1.3; };). [GL #2795]