blob: bfb0fd0e03095c3d3126e7a3d867cb2da133bfcb [file] [log] [blame]
Default behavior changes
* Some default policies for X.509 certificate verification and TLS have
changed: curves and hashes weaker than 255 bits are no longer accepted
by default. The default order in TLS now favors faster curves over larger
curves.
Removals
* Remove the compile-time option
MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE.