news: note the addition of ECX and SHAKE256 to the FIPS provider as non-approved algorithms

Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11371)
3 years ago · 19985ac42c
parent b5bcc05302
commit 19985ac42c
1 changed files with 3 additions and 0 deletions
--- a/NEWS.md
+++ b/NEWS.md
@ -21,6 +21,9 @@ OpenSSL 3.0

 ### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0 [under development] ###

+  * The X25519, X448, Ed25519, Ed448 and SHAKE256 algorithms are included in
+    the FIPS provider.  None have the "fips=yes" property set and, as such,
+    will not be accidentially used.
  * The algorithm specific public key command line applications have
    been deprecated.  These include dhparam, gendsa and others.  The pkey
    alternatives should be used intead: pkey, pkeyparam and genpkey.