Return-Path: 
 <cvs-return-50319-apmail-httpd-cvs-archive=httpd.apache.org@httpd.apache.org>
X-Original-To: apmail-httpd-cvs-archive@www.apache.org
Delivered-To: apmail-httpd-cvs-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id AC9DA100AF
	for <apmail-httpd-cvs-archive@www.apache.org>;
 Fri,  4 Apr 2014 13:18:58 +0000 (UTC)
Received: (qmail 26758 invoked by uid 500); 4 Apr 2014 13:18:54 -0000
Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org
Received: (qmail 26708 invoked by uid 500); 4 Apr 2014 13:18:53 -0000
Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:cvs-help@httpd.apache.org>
list-unsubscribe: <mailto:cvs-unsubscribe@httpd.apache.org>
List-Post: <mailto:cvs@httpd.apache.org>
List-Id: <cvs.httpd.apache.org>
Delivered-To: mailing list cvs@httpd.apache.org
Received: (qmail 26691 invoked by uid 99); 4 Apr 2014 13:18:52 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Apr 2014 13:18:52 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=5.0
	tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Apr 2014 13:18:49 +0000
Received: from eris.apache.org (localhost [127.0.0.1])
	by eris.apache.org (Postfix) with ESMTP id C9C8323888D7;
	Fri,  4 Apr 2014 13:18:26 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r1584653 - /httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
Date: Fri, 04 Apr 2014 13:18:26 -0000
To: cvs@httpd.apache.org
From: ylavic@apache.org
X-Mailer: svnmailer-1.0.9
Message-Id: <20140404131826.C9C8323888D7@eris.apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

Author: ylavic
Date: Fri Apr  4 13:18:26 2014
New Revision: 1584653

URL: http://svn.apache.org/r1584653
Log:
Remerge r1584555 but without the changes on (un-backportable) SSLOCSPUseRequestNonce.

Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml

Modified: httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml?rev=1584653&r1=1584652&r2=1584653&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml Fri Apr  4 13:18:26 2014
@@ -2125,7 +2125,6 @@ SSLUserName SSL_CLIENT_S_DN_CN
 <default>SSLHonorCipherOrder off</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>When choosing a cipher during an SSLv3 or TLSv1 handshake, normally
@@ -2173,7 +2172,6 @@ SSLCryptoDevice ubsec
 <default>SSLOCSPEnable off</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>This option enables OCSP validation of the client certificate
@@ -2204,7 +2202,6 @@ SSLOCSPOverrideResponder on
 <syntax>SSLOCSDefaultResponder <em>uri</em></syntax>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>This option sets the default OCSP responder to use.  If <directive
@@ -2221,7 +2218,6 @@ the certificate being verified.</p>
 <default>SSLOCSPOverrideResponder off</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>This option forces the configured default OCSP responder to be used
@@ -2237,7 +2233,6 @@ certificate being validated references a
 <default>SSLOCSPResponseTimeSkew 300</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>This option sets the maximum allowable time skew for OCSP responses
@@ -2252,7 +2247,6 @@ certificate being validated references a
 <default>SSLOCSPResponseMaxAge -1</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>This option sets the maximum allowable age ("freshness") for OCSP responses.
@@ -2269,7 +2263,6 @@ which means that OCSP responses are cons
 <default>SSLOCSPResponderTimeout 10</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>This option sets the timeout for queries to OCSP responders, when
@@ -2345,7 +2338,7 @@ supported for a given SSL connection.</p
 <default>SSLUseStapling off</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>This option enables OCSP stapling, as defined by the "Certificate
@@ -2373,7 +2366,7 @@ stated goal of "saving roundtrips and re
 <description>Configures the OCSP stapling cache</description>
 <syntax>SSLStaplingCache <em>type</em></syntax>
 <contextlist><context>server config</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>Configures the cache used to store OCSP responses which get included
@@ -2392,7 +2385,7 @@ the same storage types are supported as 
 <default>SSLStaplingResponseTimeSkew 300</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>This option sets the maximum allowable time skew when mod_ssl checks the
@@ -2409,7 +2402,7 @@ if <directive module="mod_ssl">SSLUseSta
 <default>SSLStaplingResponderTimeout 10</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>This option sets the timeout for queries to OCSP responders when
@@ -2425,7 +2418,7 @@ and mod_ssl is querying a responder for 
 <default>SSLStaplingResponseMaxAge -1</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>This option sets the maximum allowable age ("freshness") when
@@ -2444,7 +2437,7 @@ which means that OCSP responses are cons
 <default>SSLStaplingStandardCacheTimeout 3600</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>Sets the timeout in seconds before responses in the OCSP stapling cache
@@ -2463,7 +2456,7 @@ used for controlling the timeout for inv
 <default>SSLStaplingReturnResponderErrors on</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>When enabled, mod_ssl will pass responses from unsuccessful
@@ -2480,7 +2473,7 @@ for failed queries will be included in t
 <default>SSLStaplingFakeTryLater on</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>When enabled and a query to an OCSP responder for stapling
@@ -2498,7 +2491,7 @@ is also enabled.</p>
 <default>SSLStaplingErrorCacheTimeout 600</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>Sets the timeout in seconds before <em>invalid</em> responses
@@ -2515,7 +2508,7 @@ To set the cache timeout for valid respo
 <syntax>SSLStaplingForceURL <em>uri</em></syntax>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>This directive overrides the URI of an OCSP responder as obtained from