diff options
| -rw-r--r-- | doc/api/crypto.md | 11 | ||||
| -rw-r--r-- | doc/api/deprecations.md | 19 | ||||
| -rw-r--r-- | doc/api_assets/style.css | 3 |
3 files changed, 29 insertions, 4 deletions
diff --git a/doc/api/crypto.md b/doc/api/crypto.md index 37ced4e9981..b6a25b10d50 100644 --- a/doc/api/crypto.md +++ b/doc/api/crypto.md @@ -1185,15 +1185,20 @@ const dh = createDiffieHellmanGroup('modp16'); The following groups are supported: -* `'modp1'` (768 bits, [RFC 2409][] Section 6.1) -* `'modp2'` (1024 bits, [RFC 2409][] Section 6.2) -* `'modp5'` (1536 bits, [RFC 3526][] Section 2) * `'modp14'` (2048 bits, [RFC 3526][] Section 3) * `'modp15'` (3072 bits, [RFC 3526][] Section 4) * `'modp16'` (4096 bits, [RFC 3526][] Section 5) * `'modp17'` (6144 bits, [RFC 3526][] Section 6) * `'modp18'` (8192 bits, [RFC 3526][] Section 7) +The following groups are still supported but deprecated (see [Caveats][]): + +* `'modp1'` (768 bits, [RFC 2409][] Section 6.1) <span class="deprecated-inline"></span> +* `'modp2'` (1024 bits, [RFC 2409][] Section 6.2) <span class="deprecated-inline"></span> +* `'modp5'` (1536 bits, [RFC 3526][] Section 2) <span class="deprecated-inline"></span> + +These deprecated groups might be removed in future versions of Node.js. + ## Class: `ECDH` <!-- YAML diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md index fd2d7a8c331..1d29a76306e 100644 --- a/doc/api/deprecations.md +++ b/doc/api/deprecations.md @@ -3220,9 +3220,28 @@ Package imports and exports targets mapping into paths including a double slash error in a future release. This same deprecation also applies to pattern matches starting or ending in a slash. +### DEP0167: Weak `DiffieHellmanGroup` instances (`modp1`, `modp2`, `modp5`) + +<!-- YAML +changes: + - version: REPLACEME + pr-url: https://github.com/nodejs/node/pull/44588 + description: Documentation-only deprecation. +--> + +Type: Documentation-only + +The well-known MODP groups `modp1`, `modp2`, and `modp5` are deprecated because +they are not secure against practical attacks. See [RFC 8247 Section 2.4][] for +details. + +These groups might be removed in future versions of Node.js. Applications that +rely on these groups should evaluate using stronger MODP groups instead. + [Legacy URL API]: url.md#legacy-url-api [NIST SP 800-38D]: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf [RFC 6066]: https://tools.ietf.org/html/rfc6066#section-3 +[RFC 8247 Section 2.4]: https://www.rfc-editor.org/rfc/rfc8247#section-2.4 [WHATWG URL API]: url.md#the-whatwg-url-api [`"exports"` or `"main"` entry]: packages.md#main-entry-point-export [`--pending-deprecation`]: cli.md#--pending-deprecation diff --git a/doc/api_assets/style.css b/doc/api_assets/style.css index acab9bfa048..4bff9e3299f 100644 --- a/doc/api_assets/style.css +++ b/doc/api_assets/style.css @@ -598,7 +598,8 @@ hr { padding-left: 5rem; } -#toc .stability_0::after { +#toc .stability_0::after, +.deprecated-inline::after { background-color: var(--red2); color: var(--white); content: "deprecated"; |