From d92bb14dcdb2120acd50cdfcd2601688f24389ba Mon Sep 17 00:00:00 2001
From: Simon Clark <simon.richard.clark@gmail.com>
Date: Jul 02 2017 18:49:05 +0000
Subject: Add entry for OpenSSL 1.1.0 - Issue #52


---

diff --git a/en-US/Security.xml b/en-US/Security.xml
index 770af8d..d5de4ce 100644
--- a/en-US/Security.xml
+++ b/en-US/Security.xml
@@ -26,7 +26,7 @@
       <title>OpenSSH Crypto</title>
       <para>
         OpenSSH clients will use system preferred key exchange algorithms, encryption ciphers, and message authentication code (MAC) algorithms.
-        This is enabled by an <literal>Include</literal> directive in <filename>/etc/ssh/ssh_config</filename> to include directives in 
+        This is enabled by an <literal>Include</literal> directive in <filename>/etc/ssh/ssh_config</filename> to include directives in
         <filename>/etc/ssh/ssh_config.d/*.conf</filename>, which pulls in <filename>/etc/crypto-policies/back-ends/openssh.config</filename>.
       </para>
     </formalpara>
@@ -41,4 +41,15 @@
       </para>
 
   </section>
+  <section id="sect-security-openssl110">
+    <title>OpenSSL 1.1.0</title>
+    <para>The introduction of OpenSSL 1.1.0 in Fedora 26 brings brings many big
+      improvements, new cryptographic algorithms, and API changes that allow
+      for keeping the ABI stable in future upgrades. There is also now a
+      compat-openssl10 package in Fedora that provides OpenSSL 1.0.2 for
+      dependent applications that cannot move to 1.1.0 yet.</para>
+    <para>There is more information about OpenSSL 1.1.0 in the
+      <ulink url="https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes">
+        OpenSSL wiki</ulink>.</para>
+  </section>
 </section>