2018-10-20 - Peter Simons <firstname.lastname@example.org>
- Use https URL to refer to bugs.opensuse.org.
2018-07-18 - email@example.com
- Cosmetic: replace tabs with blanks, strip trailing white space,
and update copyright headers with spec-cleaner.
2018-05-14 - firstname.lastname@example.org
- Update tls to version 1.4.1.
- Enable X25519 in default parameters [#265](https://github.com/vincenthz/hs-tls/pull/265)
- Checking EOF in bye [#262] (https://github.com/vincenthz/hs-tls/pull/262)
- Improving validation in DH key exchange [#256](https://github.com/vincenthz/hs-tls/pull/256)
- Handle TCP reset during handshake [#251](https://github.com/vincenthz/hs-tls/pull/251)
- Accepting hlint suggestions.
- Wrap renegotiation failures with HandshakeFailed [#237](https://github.com/vincenthz/hs-tls/pull/237)
- Improve selection of server certificate and use "signature_algorithms" extension [#236](https://github.com/vincenthz/hs-tls/pull/236)
- Change Bytes to ByteString and deprecate the Bytes type alias [#230](https://github.com/vincenthz/hs-tls/pull/230)
- Session compression and SNI [#223](https://github.com/vincenthz/hs-tls/pull/223)
- Deprecating ciphersuite_medium. Putting WARNING to ciphersuite_all since this includes RC4 [#153](https://github.com/vincenthz/hs-tls/pull/153) [#222](https://github.com/vincenthz/hs-tls/pull/222)
- Removing NPN [#214](https://github.com/vincenthz/hs-tls/pull/214)
- Supporting RSAPSS defined in TLS 1.3 [#207](https://github.com/vincenthz/hs-tls/pull/207)
- Supporting X25519 and X448 in the IES style. [#205](https://github.com/vincenthz/hs-tls/pull/205)
- Strip leading zeros in DHE premaster secret [#201](https://github.com/vincenthz/hs-tls/pull/201)
- RSASSA-PSS signatures can be enabled with `supportedHashSignatures`. This
uses assignments from TLS 1.3, for example `(HashIntrinsic, SignatureRSApssSHA256)`.
- Diffie-Hellman with elliptic curves X25519 and X448: This can be enabled with
`supportedGroups`, which also gives control over curve preference.
- ECDH with curve P-256 now uses optimized C implementation from package `cryptonite`.
- Cipher list `ciphersuite_medium` is now deprecated, users are advised to use
`ciphersuite_default` or `ciphersuite_strong`. List `ciphersuite_all` is kept
for compatibility with old servers but this is discouraged and generates a
warning (this includes RC4 ciphers, see [#153](https://github.com/vincenthz/hs-tls/pull/153)
- Support for NPN (Next Protocol Negotiation) has been removed. The replacement
is ALPN (Application-Layer Protocol Negotiation).
- Data type `SessionData` now contains fields for compression algorithm and
client SNI. A `SessionManager` implementation that serializes/deserializes
`SessionData` values must deal with the new fields.
- Module `Network.TLS` exports a type alias named `Bytes` which is now deprecated.
The replacement is to use strict `ByteString` directly.
2017-08-03 - email@example.com
- Updated with latest spec-cleaner version 0.9.8-8-geadfbbf.
2017-06-30 - firstname.lastname@example.org
- Update to version 1.3.11.
2017-04-26 - email@example.com
- Update to version 1.3.10 revision 2 with cabal2obs.
2017-03-27 - firstname.lastname@example.org
- Update to version 1.3.10 revision 1 with cabal2obs.
2017-01-18 - email@example.com
- Update to version 1.3.9 with cabal2obs.
2016-07-10 - firstname.lastname@example.org
- Update to version 1.3.8 revision 0 with cabal2obs.
2016-05-13 - email@example.com
- update to 1.3.8