Mercurial > 510Connectbot

diff xml/510connectbot.in @ 358:37f4a3b506d9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
move nist ec curves to lower priority
author Carl Byington <carl@five-ten-sg.com>
date Sun, 03 Aug 2014 11:16:40 -0700
parents b40bc65fa09a
children 395a16681ae1
line wrap: on
line diff
--- a/xml/510connectbot.in	Fri Aug 01 13:34:58 2014 -0700
+++ b/xml/510connectbot.in	Sun Aug 03 11:16:40 2014 -0700
@@ -80,8 +80,17 @@
                 </para></listitem>
 
                 <listitem><para>
-                    The underlying ssh code has been updated from trilead to
-                    ganymed. Elliptic curve crypto is now supported.
+                    The underlying compression code from jcraft has
+                    been updated. The underlying socks proxy code has
+                    been updated. The underlying ssh code has been
+                    updated from trilead to ganymed. Elliptic curve
+                    crypto is now supported, but the NIST curves are
+                    placed after the RSA and DH types in the list of
+                    key exchange algorithms, so they should only be
+                    used if the server does not support RSA or
+                    DH. This change is based on on a general lack of
+                    trust in NIST curves that have possibly been
+                    compromised by NSA.
                 </para></listitem>
 
                 <listitem><para>