1/*!
2
3## Current features
4
5* TLS1.2 and TLS1.3.
6* ECDSA, Ed25519 or RSA server authentication by clients.
7* ECDSA, Ed25519 or RSA server authentication by servers.
8* Forward secrecy using ECDHE; with curve25519, nistp256 or nistp384 curves.
9* AES128-GCM and AES256-GCM bulk encryption, with safe nonces.
10* ChaCha20-Poly1305 bulk encryption ([RFC7905](https://tools.ietf.org/html/rfc7905)).
11* ALPN support.
12* SNI support.
13* Tunable MTU to make TLS messages match size of underlying transport.
14* Optional use of vectored IO to minimise system calls.
15* TLS1.2 session resumption.
16* TLS1.2 resumption via tickets (RFC5077).
17* TLS1.3 resumption via tickets or session storage.
18* TLS1.3 0-RTT data for clients.
19* Client authentication by clients.
20* Client authentication by servers.
21* Extended master secret support (RFC7627).
22* Exporters (RFC5705).
23* OCSP stapling by servers.
24* SCT stapling by servers.
25* SCT verification by clients.
26
27## Possible future features
28
29* PSK support.
30* OCSP verification by clients.
31* Certificate pinning.
32
33## Non-features
34
35For reasons explained in the other sections of this manual, rustls does not
36and will not support:
37
38* SSL1, SSL2, SSL3, TLS1 or TLS1.1.
39* RC4.
40* DES or triple DES.
41* EXPORT ciphersuites.
42* MAC-then-encrypt ciphersuites.
43* Ciphersuites without forward secrecy.
44* Renegotiation.
45* Kerberos.
46* Compression.
47* Discrete-log Diffie-Hellman.
48* Automatic protocol version downgrade.
49
50*/
51