git: 4663b1baa8ac - stable/13 - Add an entry for NFS-over-TLS.
Rick Macklem
rmacklem at FreeBSD.org
Sun Mar 7 15:13:04 UTC 2021
The branch stable/13 has been updated by rmacklem:
URL: https://cgit.FreeBSD.org/src/commit/?id=4663b1baa8acc35e3bf0ae8dde1ce534c86268e3
commit 4663b1baa8acc35e3bf0ae8dde1ce534c86268e3
Author: Rick Macklem <rmacklem at FreeBSD.org>
AuthorDate: 2021-03-07 15:11:50 +0000
Commit: Rick Macklem <rmacklem at FreeBSD.org>
CommitDate: 2021-03-07 15:11:50 +0000
Add an entry for NFS-over-TLS.
---
RELNOTES | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/RELNOTES b/RELNOTES
index 602170394523..40fae9249b53 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -10,6 +10,15 @@ newline. Entries should be separated by a newline.
Changes to this file should not be MFCed.
+2c76eebca71b, 59f6f5e23c1a:
+ Add two daemons rpc.tlsclntd(8) and rpc.tlsservd(8) that provide
+ support for NFS-over-TLS as described in the Internet Draft titled
+ "Towards Remote Procedure Call Encryption By Default".
+ These daemons are only built when WITH_OPENSSL_KTLS is specified
+ and are only tested on amd64 at this time.
+ They use KTLS to encrypt/decrypt all NFS RPC message traffic, plus
+ optional verification of machine identity via X.509 certificates.
+
f76393a6305b6:
Add AES-GCM support to armv8crypto(4) providing accelerated
support for KTLS, IPsec, and other crypto API consumers.
More information about the dev-commits-src-all
mailing list