clarify offline signing for release notes

2023-05-05 18:51:25 -04:00 · 2023-05-05 18:51:25 -04:00 · c9ae4395ab
commit c9ae4395ab
parent c0d43a0545
1 changed files with 1 additions and 1 deletions
--- a/static/releases.html
+++ b/static/releases.html
@ -625,7 +625,7 @@
                        <li>Settings: port SUPL setting to new infrastructure</li>
                        <li>Settings: remove icon for Internet connectivity check and remote key provisioning settings for now</li>
                        <li>kernel (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro: Mali GPU driver update</li>
-                        <li>System Updater: add TLS key pinning with expiration 2 months in the future to make TLS more useful as an additional layer of security before the 3 layers of offline update signing (update package signature, update_engine payload signature and verified boot signature) while also avoiding blocking updates on extremely out-of-date installs falling behind changes to our TLS certificate approach</li>
+                        <li>System Updater: add TLS key pinning with expiration 2 months in the future to make TLS more useful as an additional layer of security before the 3 layers of offline update signing with downgrade protection (update package signature, update_engine payload signature and verified boot signatures) while also avoiding blocking updates on extremely out-of-date installs falling behind changes to our TLS certificate approach</li>
                        <li>update timezone data to Android mainline 331314030 (based on tzdata 2023a)</li>
                        <li>kernel (Generic 5.15): update to latest GKI LTS branch revision including update to 5.15.106</li>
                        <li>Vanadium: update to <a href="https://github.com/GrapheneOS/Vanadium/releases/tag/113.0.5672.77.0">version 113.0.5672.77.0</a></li>