• ECH: correct implementation of RFC-recommended padding scheme for SNI names in the inner client hello.
• ECH: correct padding of inner client hello when SNI is disabled.
• Alter default of ServerConfig::require_ems based on provider's FIPS status. Prior to this change, the default followed the fips crate feature, which was less helpful for users of external FIPS-approved providers.

What's Changed

• Default require_ems based on CryptoProvider FIPS status by @janrueth in #3034
• 0.23.40: backport ECH padding fixes to 0.23 by @ctz in #3044

Full Changelog: v/0.23.39...v/0.23.40

Adapts to updated nightly for the non-default read_buf feature.

What's Changed

• 0.23 branch cleanup by @djc in #3035
• Prepare 0.23.39 by @cpu in #3037

Full Changelog: v/0.23.38...v/0.23.39

What's Changed

• Backport client: allow skipping selected ALPN validation by @TaeHagen in #3020

Adds support for ML-KEM-1024 key exchange.

What's Changed

• rel-0.23 CI fixes by @ctz in #2933
• Add ML-KEM-1024 key encapsulation mechanism by @DarkmatterVale in #2932

Full Changelog: v/0.23.36...v/0.23.37

Fix #2825 by allowing P256+SHA512 and P384-SHA512 signatures in certificate chains.

What's Changed

• 0.23.36: Support P256+SHA512 and P384+SHA512 signatures in certificates by @ctz in #2828

Full Changelog: v/0.23.35...v/0.23.36

There was a regression in 0.23.23 and later where an empty value passed in ConfigBuilder::with_single_cert_with_ocsp() resulted in sending an empty OCSP value (instead of not sending anything). Thanks to @vuongDang for reporting and fixing.

What's Changed

• Backport empty OCSP fix for 0.23.35 by @djc in #2734

Fix docs.rs build after doc_auto_cfg stabilization.

What's Changed

• Privatise docsrs cfg flag by @cpu in #2718

• New feature: foundational support for QUIC multipath draft - #2706 thanks to @flub and @divagant-martian
• Bug fix: avoid long-running TLS1.3 connections from eventually failing with PeerMisbehaved::TooManyKeyUpdateRequests - #2709

What's Changed

• Support encryption for QUIC multipath by @flub in #2706
• Prepare 0.23.33 by @ctz in #2711

New Contributors

• @flub made their first contribution in #2706

Full Changelog: v/0.23.32...v/0.23.33

Support using ML-DSA keys for signing when the aws-lc-rs-unstable feature is enabled.

What's Changed

• ML-DSA signing keys by @djc in #2579

New feature: support verification of P256+SHA512 and P384-SHA512 ECDSA signatures with aws-lc-rs. This is not a recommended combination, but such signatures exist in the wild. Fixes #2661 and #2477.

What's Changed

• Fix docs link errors by @ctz in #2590
• Prepare 0.23.32 by @ctz in #2663

Full Changelog: v/0.23.31...v/0.23.32