From 3711af53d52ca336f0125d5472c61fb25a8bce8b Mon Sep 17 00:00:00 2001 From: Johanna Amann Date: Wed, 11 Dec 2024 08:18:05 +0000 Subject: [PATCH] Add blurb about Spicy SSL to NEWS --- NEWS | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/NEWS b/NEWS index 7a36130706..3c6a78443f 100644 --- a/NEWS +++ b/NEWS @@ -172,6 +172,16 @@ New Functionality when doing so as Zeek nodes will not listen on Broker ports anymore, nor will they establish a peering to other nodes. +- Zeek now ships with an experimental Spicy-based SSL analyzer, which is + disabled by default. This analyzer can be enabled using the + ``--enable-spicy-ssl`` conifgure-time option. The Spicy-based analyzer has + full support for SSL and TLS, just like the current binpac analyzer. It does, + however, not support any version of DTLS. Enabling it will disable DTLS + parsing in Zeek. + + The analyzer is currently mostly interesting if you want to experiment with + SSL; we do not yet recommend to enable it in normal Zeek deployments. + Changed Functionality ---------------------