doc: update outdated section on TLSv1.3-PSK

Recent OpenSSL versions support PSKs with non-SHA-256 TLSv1.3 ciphers, e.g., TLS_AES_256_GCM_SHA384. PR-URL: https://github.com/nodejs/node/pull/48123 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
2026-01-15 12:15:26 +00:00 · 2023-05-25 00:22:59 +02:00
parent a0e11d7885
commit 817c5799e2
1 changed files with 2 additions and 2 deletions
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@@ -173,8 +173,8 @@ low-entropy sources is not secure.
 PSK ciphers are disabled by default, and using TLS-PSK thus requires explicitly
 specifying a cipher suite with the `ciphers` option. The list of available
 ciphers can be retrieved via `openssl ciphers -v 'PSK'`. All TLS 1.3
-ciphers are eligible for PSK but currently only those that use SHA256 digest are
-supported they can be retrieved via `openssl ciphers -v -s -tls1_3 -psk`.
+ciphers are eligible for PSK and can be retrieved via
+`openssl ciphers -v -s -tls1_3 -psk`.

 According to the [RFC 4279][], PSK identities up to 128 bytes in length and
 PSKs up to 64 bytes in length must be supported. As of OpenSSL 1.1.0