mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-10-19 08:31:27 +00:00
11 lines
461 B
Plaintext
11 lines
461 B
Plaintext
Removals
|
|
* Remove config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES,
|
|
which allowed SHA-1 in the default TLS configuration for certificate
|
|
signing. It was intended to facilitate the transition in environments
|
|
with SHA-1 certificates. SHA-1 is considered a weak message digest and
|
|
its use constitutes a security risk.
|
|
|
|
Changes
|
|
* Set config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE to be
|
|
disabled by default.
|