You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by tr...@apache.org on 2014/07/12 20:10:51 UTC
svn commit: r1610015 - /httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
Author: trawick
Date: Sat Jul 12 18:10:51 2014
New Revision: 1610015
URL: http://svn.apache.org/r1610015
Log:
Sync version info in DH parameter doc with 2.4.x branch (r1610014).
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
Modified: httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml?rev=1610015&r1=1610014&r2=1610015&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml Sat Jul 12 18:10:51 2014
@@ -843,8 +843,10 @@ are applied independently of the authent
<note>
<title>DH parameter interoperability with primes > 1024 bit</title>
<p>
-Beginning with version 2.5.0-dev, mod_ssl makes use of
-standardized DH parameters with prime lengths of 2048, 3072 and 4096, 6144 and 8192 bits
+Beginning with version 2.4.7, mod_ssl makes use of
+standardized DH parameters with prime lengths of 2048, 3072 and 4096 bits
+and with additional prime lengths of 6144 and 8192 bits beginning with
+version 2.4.10
(from <a href="http://www.ietf.org/rfc/rfc3526.txt">RFC 3526</a>), and hands
them out to clients based on the length of the certificate's RSA/DSA key.
With Java-based clients in particular (Java 7 or earlier), this may lead