Date: Sun, 7 Mar 2021 15:13:03 GMT From: Rick Macklem <rmacklem@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 4663b1baa8ac - stable/13 - Add an entry for NFS-over-TLS. Message-ID: <202103071513.127FD3UQ060854@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by rmacklem: URL: https://cgit.FreeBSD.org/src/commit/?id=4663b1baa8acc35e3bf0ae8dde1ce534c86268e3 commit 4663b1baa8acc35e3bf0ae8dde1ce534c86268e3 Author: Rick Macklem <rmacklem@FreeBSD.org> AuthorDate: 2021-03-07 15:11:50 +0000 Commit: Rick Macklem <rmacklem@FreeBSD.org> CommitDate: 2021-03-07 15:11:50 +0000 Add an entry for NFS-over-TLS. --- RELNOTES | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/RELNOTES b/RELNOTES index 602170394523..40fae9249b53 100644 --- a/RELNOTES +++ b/RELNOTES @@ -10,6 +10,15 @@ newline. Entries should be separated by a newline. Changes to this file should not be MFCed. +2c76eebca71b, 59f6f5e23c1a: + Add two daemons rpc.tlsclntd(8) and rpc.tlsservd(8) that provide + support for NFS-over-TLS as described in the Internet Draft titled + "Towards Remote Procedure Call Encryption By Default". + These daemons are only built when WITH_OPENSSL_KTLS is specified + and are only tested on amd64 at this time. + They use KTLS to encrypt/decrypt all NFS RPC message traffic, plus + optional verification of machine identity via X.509 certificates. + f76393a6305b6: Add AES-GCM support to armv8crypto(4) providing accelerated support for KTLS, IPsec, and other crypto API consumers.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202103071513.127FD3UQ060854>