diff --git a/docs/configuration/shared/tls.md b/docs/configuration/shared/tls.md index 8540d59c..c28314d9 100644 --- a/docs/configuration/shared/tls.md +++ b/docs/configuration/shared/tls.md @@ -164,10 +164,9 @@ By default, the maximum version is currently TLS 1.3. #### cipher_suites -The elliptic curves that will be used in an ECDHE handshake, in preference order. +A list of enabled TLS 1.0–1.2 cipher suites. The order of the list is ignored. Note that TLS 1.3 cipher suites are not configurable. -If empty, the default will be used. The client will use the first preference as the type for its key share in TLS 1.3. -This may change in the future. +If empty, a safe default list is used. The default cipher suites might change over time. #### certificate diff --git a/docs/configuration/shared/tls.zh.md b/docs/configuration/shared/tls.zh.md index 620956df..fcea5ba1 100644 --- a/docs/configuration/shared/tls.zh.md +++ b/docs/configuration/shared/tls.zh.md @@ -162,12 +162,9 @@ TLS 版本值: #### cipher_suites -将在 ECDHE 握手中使用的椭圆曲线,按优先顺序排列。 +启用的 TLS 1.0-1.2密码套件的列表。列表的顺序被忽略。请注意,TLS 1.3 的密码套件是不可配置的。 -如果为空,将使用默认值。 - -客户端将使用第一个首选项作为其在 TLS 1.3 中的密钥共享类型。 -这在未来可能会改变。 +如果为空,则使用安全的默认列表。默认密码套件可能会随着时间的推移而改变。 #### certificate