On Fri, May 22, 2015 at 8:43 AM, <wr...@apache.org> wrote: > Author: wrowe > Date: Fri May 22 06:43:12 2015 > New Revision: 1681002 > [] > > Modified: > httpd/httpd/branches/2.2.x/CHANGES [] > > Modified: httpd/httpd/branches/2.2.x/CHANGES > URL: > http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=1681002&r1=1681001&r2=1681002&view=diff > ============================================================================== > --- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original) > +++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Fri May 22 06:43:12 2015 > @@ -1,6 +1,14 @@ > -*- coding: utf-8 > -*- > Changes with Apache 2.2.30 > > + *) In alignment with RFC 7525, the default recommended SSLCipherSuite > + and SSLProxyCipherSuite now exclude RC4 as well as MD5. Existing > + configurations must be adjusted by the administrator. [William Rowe] > + > + *) In alignment with RFC 7525, the default recommended SSLProtocol and > + SSLProxyProtocol directives now excludes SSLv3. Existing configurations > + must be adjusted by the administrator. [William Rowe] > +
"Existing configurations must be adjusted by the administrator" sounds a bit as if they wouldn't work after this change. Maybe something like "should be aligned"?
