Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 05:45:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add David's downgrade checks, Dirk's improvements for OpenBSD

Browse Source
This commit is contained in:
Dirk
2020-01-08 11:22:09 +01:00
parent a42b98c0ff
commit 554b49bc75
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGELOG.md
View File

@@ -4,9 +4,11 @@
### Features implemented in 3.0
* Full support of TLS 1.3, shows also drafts supported
* Extended protocol downgrade checks
* ROBOT check
* Better TLS extension support
* Better OpenSSL 1.1.1 and higher versions support
* Better OpenSSL 1.1.1 and higher versions support as well as LibreSSL >3
* More robustness for OpenBSD
* DNS over Proxy and other proxy improvements
* Decoding of unencrypted BIG IP cookies
* Initial client certificate support
@@ -27,7 +29,7 @@
* TLS Robustness check (GREASE)
* Server preference distinguishes between TLS 1.3 and lower protocols
* Mark TLS 1.0 and TLS 1.1 as deprecated
* Does a few startup checks which make later tests easier and faster (determine_optimal_\*() )
* Does a few startup checks which make later tests easier and faster (``determine_optimal_\*()``)
* Expect-CT Header Detection
* `--phone-out` does certificate revocation checks via OCSP (LDAP+HTTP) and with CRL
* `--phone-out` checks whether the private key has been compromised via https://pwnedkeys.com/