From: Katie Hockman <katie@golang.org>
Date: Tue, 2 Jun 2020 19:52:51 +0000 (-0400)
Subject: doc/go1.15: add release notes for crypto/tls
X-Git-Tag: go1.15beta1~19
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=5716ae6c9610f31e2cdefd07eea78174414c3dca;p=gostls13.git

doc/go1.15: add release notes for crypto/tls

Updates #37419

Change-Id: Ie81c0b03716799c132e90dc231ab816e6ae43469
Reviewed-on: https://go-review.googlesource.com/c/go/+/236166
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
---

diff --git a/doc/go1.15.html b/doc/go1.15.html
index 73dbf89c2d..7506a6aa49 100644
--- a/doc/go1.15.html
+++ b/doc/go1.15.html
@@ -406,6 +406,20 @@ TODO
       <a href="/pkg/crypto/tls/#Dialer.DialContext"><code>DialContext</code></a>
       method permits using a context to both connect and handshake with a TLS server.
     </p>
+
+    <p><!-- CL 229122 -->
+      The new
+      <a href="/pkg/crypto/tls/#Config.VerifyConnection"><code>VerifyConnection</code></a>
+      callback on the <a href="/pkg/crypto/tls/#Config"><code>Config</code></a> type
+      allows custom verification logic for every connection. It has access to the
+      <a href="/pkg/crypto/tls/#ConnectionState"><code>ConnectionState</code></a>
+      which includes peer certificates, SCTs, and stapled OCSP responses.
+    </p>
+
+    <p><!-- CL 230679 -->
+      Auto-generated session ticket keys are now automatically rotated every 24 hours,
+      with a lifetime of 7 days, to limit their impact on forward secrecy.
+    </p>
   </dd>
 </dl>