diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 567427dd2b2..1864ab05d2e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -89,12 +89,12 @@ jobs: RUST_BACKTRACE: 1 - name: cargo test (debug; aws-lc-rs) - run: cargo test --no-default-features --features aws_lc_rs,tls12,read_buf,logging,std --all-targets + run: cargo test --no-default-features --features aws-lc-rs,tls12,read_buf,log,std --all-targets env: RUST_BACKTRACE: 1 - name: cargo test (release; fips) - run: cargo test --release --no-default-features --features fips,tls12,read_buf,logging,std --all-targets + run: cargo test --release --no-default-features --features fips,tls12,read_buf,log,std --all-targets env: RUST_BACKTRACE: 1 @@ -130,14 +130,7 @@ jobs: - uses: dtolnay/rust-toolchain@master with: - toolchain: "1.71" - - # zlib-rs is optional and requires a later MSRV - - run: cargo check --locked --lib $(admin/all-features-except zlib rustls) -p rustls - - - uses: dtolnay/rust-toolchain@master - with: - toolchain: "1.75" + toolchain: "1.79" - run: cargo check --locked --lib --all-features -p rustls @@ -184,7 +177,7 @@ jobs: working-directory: rustls - name: cargo test (debug; no default features; aws-lc-rs,tls12) - run: cargo test --no-default-features --features aws_lc_rs,tls12,std + run: cargo test --no-default-features --features aws-lc-rs,tls12,std working-directory: rustls - name: cargo test (debug; no default features; fips,tls12) diff --git a/.github/workflows/daily-tests.yml b/.github/workflows/daily-tests.yml index 20f88d5bd77..2bf9767fc7a 100644 --- a/.github/workflows/daily-tests.yml +++ b/.github/workflows/daily-tests.yml 
@@ -155,10 +155,10 @@ jobs: --package rustls --feature-powerset --no-dev-deps - --group-features aws_lc_rs,aws-lc-rs - --group-features fips,aws_lc_rs + --group-features aws-lc-rs,aws-lc-rs + --group-features fips,aws-lc-rs --mutually-exclusive-features fips,ring - --mutually-exclusive-features custom_provider,aws_lc_rs + --mutually-exclusive-features custom_provider,aws-lc-rs --mutually-exclusive-features custom_provider,ring env: RUSTFLAGS: --deny warnings diff --git a/Cargo.lock b/Cargo.lock index 0a6aae6b0a1..dc1da235518 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -481,7 +481,7 @@ dependencies = [ "base64", "env_logger", "nix", - "rustls", + "rustls 0.24.0-dev.0", "rustls-post-quantum", "rustls-webpki", ] @@ -873,6 +873,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e7c1832837b905bbfb5101e07cc24c8deddf52f93225eee6ead5f4d63d53ddcb" dependencies = [ "const-oid", + "pem-rfc7468", "zeroize", ] @@ -961,6 +962,7 @@ dependencies = [ "generic-array", "group", "hkdf", + "pem-rfc7468", "pkcs8", "rand_core 0.6.4", "sec1", @@ -1358,7 +1360,7 @@ dependencies = [ "once_cell", "rand 0.9.1", "ring", - "rustls", + "rustls 0.23.28", "thiserror 2.0.12", "tinyvec", "tokio", @@ -1383,7 +1385,7 @@ dependencies = [ "parking_lot", "rand 0.9.1", "resolv-conf", - "rustls", + "rustls 0.23.28", "smallvec", "thiserror 2.0.12", "tokio", @@ -1732,7 +1734,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "07033963ba89ebaf1584d767badaa2e8fcec21aedea6b8c0346d487d49c28667" dependencies = [ "cfg-if", - "windows-targets 0.52.6", + "windows-targets 0.48.5", ] [[package]] @@ -2120,6 +2122,15 @@ dependencies = [ "serde", ] +[[package]] +name = "pem-rfc7468" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412" +dependencies = [ + "base64ct", +] + [[package]] name = "percent-encoding" version = "2.3.1" 
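Review bot: The rewritten `--group-features aws-lc-rs,aws-lc-rs` in daily-tests.yml groups a feature with itself; the old line existed only to keep the `aws_lc_rs` feature and its `aws-lc-rs` alias in one powerset group, and this change deletes the alias. The line is now redundant at best and, depending on how cargo-hack handles a duplicated name inside `--group-features`, may be rejected outright; drop it and keep only `--group-features fips,aws-lc-rs`. The Cargo.lock hunks on this line are lockfile noise and need no review.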
@@ -2578,6 +2589,21 @@ dependencies = [ [[package]] name = "rustls" version = "0.23.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7160e3e10bf4535308537f3c4e1641468cd0e485175d6163087c0393c7d46643" +dependencies = [ + "aws-lc-rs", + "log", + "once_cell", + "rustls-pki-types", + "rustls-webpki", + "subtle", + "zeroize", +] + +[[package]] +name = "rustls" +version = "0.24.0-dev.0" dependencies = [ "aws-lc-rs", "base64", @@ -2612,7 +2638,7 @@ name = "rustls-bench" version = "0.1.0" dependencies = [ "clap", - "rustls", + "rustls 0.24.0-dev.0", "rustls-graviola", "rustls-post-quantum", "rustls-test", @@ -2631,7 +2657,7 @@ dependencies = [ "fxhash", "itertools 0.14.0", "rayon", - "rustls", + "rustls 0.24.0-dev.0", "rustls-fuzzing-provider", "rustls-test", "tikv-jemallocator", @@ -2644,7 +2670,7 @@ dependencies = [ "hickory-resolver", "regex", "ring", - "rustls", + "rustls 0.24.0-dev.0", "tokio", ] @@ -2659,7 +2685,7 @@ dependencies = [ "log", "mio", "rcgen", - "rustls", + "rustls 0.24.0-dev.0", "serde", "tokio", "webpki-roots 1.0.0", @@ -2670,7 +2696,7 @@ name = "rustls-fuzzing-provider" version = "0.1.0" dependencies = [ "env_logger", - "rustls", + "rustls 0.24.0-dev.0", ] [[package]] @@ -2680,7 +2706,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "51c72f95752eab205ea6e623eb35e14e6767640be83f0d210ba64c76f7105525" dependencies = [ "graviola", - "rustls", + "rustls 0.23.28", ] [[package]] @@ -2692,7 +2718,7 @@ dependencies = [ "num-bigint", "once_cell", "openssl", - "rustls", + "rustls 0.24.0-dev.0", ] [[package]] @@ -2710,7 +2736,7 @@ version = "0.2.2" dependencies = [ "criterion", "env_logger", - "rustls", + "rustls 0.24.0-dev.0", "webpki-roots 1.0.0", ] @@ -2731,7 +2757,7 @@ dependencies = [ "rand_core 0.6.4", "rcgen", "rsa", - "rustls", + "rustls 0.24.0-dev.0", "sha2", "signature", "webpki-roots 1.0.0", 
@@ -2743,7 +2769,7 @@ name = "rustls-provider-test" version = "0.1.0" dependencies = [ "hex", - "rustls", + "rustls 0.24.0-dev.0", "rustls-provider-example", "serde", "serde_json", @@ -2753,7 +2779,7 @@ dependencies = [ name = "rustls-test" version = "0.1.0" dependencies = [ - "rustls", + "rustls 0.24.0-dev.0", ] [[package]] @@ -3156,7 +3182,7 @@ version = "0.26.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8e727b36a1a0e8b74c376ac2211e40c2c8af09fb4013c60d910495810f008e9b" dependencies = [ - "rustls", + "rustls 0.23.28", "tokio", ] @@ -3472,7 +3498,7 @@ version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" dependencies = [ - "windows-sys 0.59.0", + "windows-sys 0.48.0", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index 1b438463be5..98ed6f26c7d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -55,7 +55,7 @@ clap = { version = "4.3.21", features = ["derive", "env"] } crabgrind = "=0.1.9" # compatible with valgrind package on GHA ubuntu-latest criterion = "0.6" der = "0.7" -ecdsa = "0.16.8" +ecdsa = { version = "0.16.8", features = ["pem"] } env_logger = "0.11" fxhash = "0.2.1" hashbrown = { version = "0.15", default-features = false, features = ["default-hasher", "inline-more"] } diff --git a/README.md b/README.md index 5b8f012443b..0e598b0a507 100644 --- a/README.md +++ b/README.md 
@@ -58,7 +58,7 @@ to a wider set of architectures and environments, or compliance requirements. S Specifying `default-features = false` when depending on rustls will remove the implicit dependency on aws-lc-rs. -Rustls requires Rust 1.71 or later. It has an optional dependency on zlib-rs which requires 1.75 or later. +Rustls requires Rust 1.79 or later. [ring-target-platforms]: https://github.com/briansmith/ring/blob/2e8363b433fa3b3962c877d9ed2e9145612f3160/include/ring-core/target.h#L18-L64 [`crypto::CryptoProvider`]: https://docs.rs/rustls/latest/rustls/crypto/struct.CryptoProvider.html @@ -80,7 +80,7 @@ builder types. See the [`crypto::CryptoProvider`] documentation for more details Rustls ships with two built-in providers controlled by associated crate features: -* [`aws-lc-rs`] - enabled by default, available with the `aws_lc_rs` crate feature enabled. +* [`aws-lc-rs`] - enabled by default, available with the `aws-lc-rs` crate feature enabled. * [`ring`] - available with the `ring` crate feature enabled. See the documentation for [`crypto::CryptoProvider`] for details on how providers are diff --git a/SECURITY.md b/SECURITY.md index 417af4ca5ed..fb85404987b 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -29,8 +29,8 @@ in the course of normal development, subject to these constraints: - Our MSRV will be no more recent than 9 versions old, or approximately 12 months. > [!TIP] -> At the time of writing, the most recent Rust release is 1.85. That means -> our MSRV could be as recent as 1.76. As it happens, it is 1.71. +> At the time of writing, the most recent Rust release is 1.88. That means +> our MSRV could be as recent as 1.79. As it happens, it is 1.79. - Our MSRV policy only covers the core library crate: it does not cover tests or example code, and is not binding on our dependencies. diff --git a/admin/all-features-except b/admin/all-features-except index 395ee9d1611..d94ce63815f 100755 --- a/admin/all-features-except +++ b/admin/all-features-except 
@@ -9,7 +9,7 @@ a, b and c. The output is decorated with `--no-default-features --features` meaning it can be used directly with cargo, for example: -$ cargo build $(admin/all-features-except std,logging rustls) +$ cargo build $(admin/all-features-except std,log rustls) It is assumed but not verified that the remaining features do not have dependencies on the disabled features (otherwise, cargo will diff --git a/admin/clippy b/admin/clippy index 32250254c43..1a02146a5ce 100755 --- a/admin/clippy +++ b/admin/clippy @@ -23,6 +23,9 @@ run_clippy --package rustls --no-default-features --all-targets # run all workspace members (individually, because we don't want feature unification) for p in $(admin/all-workspace-members) ; do case "$p" in + rustls-bench) + ALL_FEATURES=$(admin/all-features-except graviola rustls-bench) + ;; *) ALL_FEATURES="--all-features" ;; diff --git a/admin/coverage b/admin/coverage index 3ede3b233a1..82a5f8d51de 100755 --- a/admin/coverage +++ b/admin/coverage @@ -7,8 +7,8 @@ cargo llvm-cov clean --workspace cargo build --locked --all-targets --all-features cargo test --locked --all-features -cargo test -p rustls --locked --no-default-features --features tls12,logging,aws_lc_rs,fips,std -cargo test -p rustls --locked --no-default-features --features tls12,logging,ring,std +cargo test -p rustls --locked --no-default-features --features tls12,log,aws-lc-rs,fips,std +cargo test -p rustls --locked --no-default-features --features tls12,log,ring,std # ensure both zlib and brotli are tested, irrespective of their order cargo test --locked $(admin/all-features-except zlib rustls) diff --git a/bogo/Cargo.toml b/bogo/Cargo.toml index d5c9b96b7c1..95b983d90f8 100644 --- a/bogo/Cargo.toml +++ b/bogo/Cargo.toml 
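Review bot: The new `rustls-bench)` case in admin/clippy excludes the `graviola` feature without saying why, while the surrounding script explains its other decisions (`# run all workspace members (individually, because we don't want feature unification)`). Add a one-line comment above the case, e.g. `# rustls-bench: graviola is excluded here because <reason — fill in>`, so the next person does not have to rediscover whether this is a toolchain, platform or clippy limitation (my guess; to be confirmed by the author). The all-features-except and coverage hunks on this line are plain feature renames.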
@@ -8,7 +8,7 @@ publish = false base64 = { workspace = true } env_logger = { workspace = true } nix = { version = "0.30", default-features = false, features = ["signal"] } -rustls = { path = "../rustls", features = ["aws_lc_rs", "ring", "tls12"] } +rustls = { path = "../rustls", features = ["aws-lc-rs", "ring", "tls12"] } rustls-post-quantum = { path = "../rustls-post-quantum", optional = true } webpki = { workspace = true } diff --git a/bogo/src/main.rs b/bogo/src/main.rs index ef52e4df292..5e41b226275 100644 --- a/bogo/src/main.rs +++ b/bogo/src/main.rs @@ -41,7 +41,10 @@ use rustls::internal::msgs::codec::{Codec, Reader}; use rustls::internal::msgs::handshake::EchConfigPayload; use rustls::internal::msgs::persist::ServerSessionValue; use rustls::pki_types::pem::PemObject; -use rustls::pki_types::{CertificateDer, EchConfigListBytes, PrivateKeyDer, ServerName, UnixTime}; +use rustls::pki_types::{ + CertificateDer, EchConfigListBytes, PrivateKeyDer, ServerName, SubjectPublicKeyInfoDer, + UnixTime, +}; use rustls::server::danger::{ClientCertVerified, ClientCertVerifier}; use rustls::server::{ ClientHello, ProducesTickets, ServerConfig, ServerConnection, WebPkiClientVerifier, @@ -383,7 +386,7 @@ fn decode_hex(hex: &str) -> Vec { #[derive(Debug)] struct DummyClientAuth { mandatory: bool, - root_hint_subjects: Vec, + root_hint_subjects: Arc<[DistinguishedName]>, parent: Arc, } @@ -391,7 +394,7 @@ impl DummyClientAuth { fn new( trusted_cert_file: &str, mandatory: bool, - root_hint_subjects: Vec, + root_hint_subjects: Arc<[DistinguishedName]>, ) -> Self { Self { mandatory, @@ -417,8 +420,8 @@ impl ClientCertVerifier for DummyClientAuth { self.mandatory } - fn root_hint_subjects(&self) -> &[DistinguishedName] { - &self.root_hint_subjects + fn root_hint_subjects(&self) -> Arc<[DistinguishedName]> { + self.root_hint_subjects.clone() } fn verify_client_cert( 
@@ -515,6 +518,10 @@ impl ServerCertVerifier for DummyServerAuth { fn supported_verify_schemes(&self) -> Vec { self.parent.supported_verify_schemes() } + + fn request_ocsp_response(&self) -> bool { + true + } } #[derive(Clone, Copy, Debug, Default)] @@ -541,6 +548,11 @@ impl sign::SigningKey for FixedSignatureSchemeSigningKey { self.key.choose_scheme(&[]) } } + + fn public_key(&self) -> Option> { + self.key.public_key() + } + fn algorithm(&self) -> SignatureAlgorithm { self.key.algorithm() } @@ -553,7 +565,7 @@ struct FixedSignatureSchemeServerCertResolver { } impl server::ResolvesServerCert for FixedSignatureSchemeServerCertResolver { - fn resolve(&self, client_hello: ClientHello<'_>) -> Option> { + fn resolve(&self, client_hello: &ClientHello<'_>) -> Option> { let mut certkey = self.resolver.resolve(client_hello)?; Arc::make_mut(&mut certkey).key = Arc::new(FixedSignatureSchemeSigningKey { key: certkey.key.clone(), @@ -757,7 +769,7 @@ fn make_server_cfg(opts: &Options, key_log: &Arc) -> Arc bool { + false + } } } diff --git a/fuzz/Cargo.lock b/fuzz/Cargo.lock index d4b0bb07642..fac675a3eaa 100644 --- a/fuzz/Cargo.lock +++ b/fuzz/Cargo.lock @@ -275,7 +275,7 @@ dependencies = [ [[package]] name = "rustls" -version = "0.23.28" +version = "0.24.0-dev.0" dependencies = [ "log", "once_cell", diff --git a/openssl-tests/src/raw_key_openssl_interop.rs b/openssl-tests/src/raw_key_openssl_interop.rs index a6d8b50aadf..78296ec7379 100644 --- a/openssl-tests/src/raw_key_openssl_interop.rs +++ b/openssl-tests/src/raw_key_openssl_interop.rs @@ -143,6 +143,10 @@ mod client { self.supported_algs.supported_schemes() } + fn request_ocsp_response(&self) -> bool { + false + } + fn requires_raw_public_keys(&self) -> bool { true } 
@@ -257,8 +261,8 @@ mod server { } impl ClientCertVerifier for SimpleRpkClientCertVerifier { - fn root_hint_subjects(&self) -> &[DistinguishedName] { - &[] + fn root_hint_subjects(&self) -> Arc<[DistinguishedName]> { + Arc::from(Vec::new()) } fn verify_client_cert( diff --git a/openssl-tests/src/validate_ffdhe_params.rs b/openssl-tests/src/validate_ffdhe_params.rs index d7beafccab2..f833415b3ae 100644 --- a/openssl-tests/src/validate_ffdhe_params.rs +++ b/openssl-tests/src/validate_ffdhe_params.rs @@ -25,13 +25,7 @@ fn ffdhe_params_correct() { fn test_ffdhe_params_correct(name: NamedGroup, group: FfdheGroup<'static>) { let (p, g) = get_ffdhe_params_from_openssl(name); let openssl_params = FfdheGroup::from_params_trimming_leading_zeros(&p, &g); - #[allow(deprecated)] - let rustls_params_from_name = FfdheGroup::from_named_group(name).unwrap(); - #[allow(deprecated)] - let round_trip_name = rustls_params_from_name.named_group(); - assert_eq!(round_trip_name, Some(name)); - assert_eq!(rustls_params_from_name, openssl_params); assert_eq!(group, openssl_params); } diff --git a/provider-example/Cargo.toml b/provider-example/Cargo.toml index 3ca1a442311..70ccd45f0d1 100644 --- a/provider-example/Cargo.toml +++ b/provider-example/Cargo.toml @@ -17,7 +17,7 @@ hpke-rs-rust-crypto = { workspace = true } p256 = { workspace = true } pkcs8 = { workspace = true } rand_core = { workspace = true } -rustls = { path = "../rustls", default-features = false, features = ["logging", "tls12"] } +rustls = { path = "../rustls", default-features = false, features = ["log", "tls12"] } rsa = { workspace = true } sha2 = { workspace = true } signature = { workspace = true } diff --git a/provider-example/src/kx.rs b/provider-example/src/kx.rs index e6ad32bedfa..99604fcec37 100644 --- a/provider-example/src/kx.rs +++ b/provider-example/src/kx.rs 
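Review bot: `Arc::from(Vec::new())` in `SimpleRpkClientCertVerifier::root_hint_subjects` allocates a fresh empty `Arc` on every call; with the MSRV moved to 1.79 in this same change, `Arc::from([])` (the array-to-`Arc<[T]>` conversion, stable since 1.74) states the intent more directly, and if the method is called per handshake the empty slice could be built once and cloned. Both forms yield an empty hint list, so this is a style point only. The validate_ffdhe_params.rs hunk below is a straight removal of the deprecated round-trip assertions and needs nothing further.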
@@ -2,7 +2,6 @@ use alloc::boxed::Box; use crypto::SupportedKxGroup; use rustls::crypto; -use rustls::ffdhe_groups::FfdheGroup; pub(crate) struct KeyExchange { priv_key: x25519_dalek::EphemeralSecret, @@ -23,10 +22,6 @@ impl crypto::ActiveKeyExchange for KeyExchange { self.pub_key.as_bytes() } - fn ffdhe_group(&self) -> Option> { - None - } - fn group(&self) -> rustls::NamedGroup { X25519.name() } @@ -46,10 +41,6 @@ impl SupportedKxGroup for X25519 { })) } - fn ffdhe_group(&self) -> Option> { - None - } - fn name(&self) -> rustls::NamedGroup { rustls::NamedGroup::X25519 } diff --git a/provider-example/src/sign.rs b/provider-example/src/sign.rs index 48a8d939066..9cd7c63918e 100644 --- a/provider-example/src/sign.rs +++ b/provider-example/src/sign.rs @@ -2,8 +2,8 @@ use alloc::boxed::Box; use alloc::sync::Arc; use alloc::vec::Vec; -use pkcs8::DecodePrivateKey; -use rustls::pki_types::PrivateKeyDer; +use pkcs8::{DecodePrivateKey, EncodePublicKey}; +use rustls::pki_types::{PrivateKeyDer, SubjectPublicKeyInfoDer}; use rustls::sign::{Signer, SigningKey}; use rustls::{SignatureAlgorithm, SignatureScheme}; use signature::{RandomizedSigner, SignatureEncoding}; @@ -39,6 +39,16 @@ impl SigningKey for EcdsaSigningKeyP256 { } } + fn public_key(&self) -> Option> { + Some(SubjectPublicKeyInfoDer::from( + self.key + .verifying_key() + .to_public_key_der() + .ok()? + .into_vec(), + )) + } + fn algorithm(&self) -> SignatureAlgorithm { SignatureAlgorithm::ECDSA } diff --git a/rustls-fuzzing-provider/Cargo.toml b/rustls-fuzzing-provider/Cargo.toml index 80d6ae06523..04ed7f23a36 100644 --- a/rustls-fuzzing-provider/Cargo.toml +++ b/rustls-fuzzing-provider/Cargo.toml @@ -5,7 +5,7 @@ edition = "2021" publish = false [dependencies] -rustls = { path = "../rustls", default-features = false, features = ["logging", "std", "tls12"] } +rustls = { path = "../rustls", default-features = false, features = ["log", "std", "tls12"] } [dev-dependencies] env_logger = { workspace = true } 
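Review bot: In `EcdsaSigningKeyP256::public_key` (provider-example/src/sign.rs) the `.ok()?` turns a DER-encoding failure into `None`, which a caller will presumably read as "this key has no public key" rather than as an error; since this crate is the example people copy into their own providers, that conflation should be stated, e.g. `// An encoding failure is surfaced as None (no public key), not as an error.`. The same expression reads more plainly without the early return as `self.key.verifying_key().to_public_key_der().ok().map(|der| SubjectPublicKeyInfoDer::from(der.into_vec()))`. The kx.rs hunks on this line only drop the now-removed `ffdhe_group` overrides.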
diff --git a/rustls-fuzzing-provider/src/lib.rs b/rustls-fuzzing-provider/src/lib.rs index 4a217465c3c..31a14801098 100644 --- a/rustls-fuzzing-provider/src/lib.rs +++ b/rustls-fuzzing-provider/src/lib.rs @@ -26,10 +26,9 @@ use rustls::crypto::{ CipherSuiteCommon, GetRandomFailed, KeyExchangeAlgorithm, WebPkiSupportedAlgorithms, hash, tls12, tls13, }; -use rustls::ffdhe_groups::FfdheGroup; use rustls::pki_types::{ AlgorithmIdentifier, CertificateDer, InvalidSignature, PrivateKeyDer, - SignatureVerificationAlgorithm, alg_id, + SignatureVerificationAlgorithm, SubjectPublicKeyInfoDer, alg_id, }; use rustls::server::ProducesTickets; use rustls::{ @@ -71,7 +70,7 @@ pub fn server_cert_resolver() -> Arc { struct DummyCert(Arc); impl server::ResolvesServerCert for DummyCert { - fn resolve(&self, _client_hello: server::ClientHello<'_>) -> Option> { + fn resolve(&self, _client_hello: &server::ClientHello<'_>) -> Option> { Some(self.0.clone()) } } @@ -228,10 +227,6 @@ impl crypto::ActiveKeyExchange for ActiveKeyExchange { KX_PEER_SHARE } - fn ffdhe_group(&self) -> Option> { - None - } - fn group(&self) -> NamedGroup { NamedGroup::from(0xfe00) } @@ -245,10 +240,6 @@ impl crypto::SupportedKxGroup for KeyExchangeGroup { Ok(Box::new(ActiveKeyExchange)) } - fn ffdhe_group(&self) -> Option> { - None - } - fn name(&self) -> NamedGroup { NamedGroup::from(0xfe00) } @@ -487,6 +478,10 @@ impl sign::SigningKey for SigningKey { } } + fn public_key(&self) -> Option> { + None + } + fn algorithm(&self) -> SignatureAlgorithm { SignatureAlgorithm::ECDSA } diff --git a/rustls-post-quantum/Cargo.toml b/rustls-post-quantum/Cargo.toml index 4c17db70ba4..99ae1005fff 100644 --- a/rustls-post-quantum/Cargo.toml +++ b/rustls-post-quantum/Cargo.toml 
@@ -2,7 +2,7 @@ name = "rustls-post-quantum" version = "0.2.2" edition = "2021" -rust-version = "1.71" +rust-version = "1.79" license = "Apache-2.0 OR ISC OR MIT" readme = "README.md" description = "Experimental support for post-quantum key exchange in rustls" @@ -12,7 +12,7 @@ categories = ["network-programming", "cryptography"] autobenches = false [dependencies] -rustls = { version = "0.23.22", features = ["aws_lc_rs", "prefer-post-quantum"], path = "../rustls" } +rustls = { version = "0.24.0-dev.0", features = ["aws-lc-rs", "prefer-post-quantum"], path = "../rustls" } [dev-dependencies] criterion = { workspace = true } diff --git a/rustls-post-quantum/benches/benchmarks.rs b/rustls-post-quantum/benches/benchmarks.rs index 8d486b7e462..e2ca980c654 100644 --- a/rustls-post-quantum/benches/benchmarks.rs +++ b/rustls-post-quantum/benches/benchmarks.rs @@ -6,7 +6,6 @@ use rustls::crypto::aws_lc_rs::kx_group::X25519; use rustls::crypto::{ ActiveKeyExchange, CryptoProvider, SharedSecret, SupportedKxGroup, aws_lc_rs, }; -use rustls::ffdhe_groups::FfdheGroup; use rustls::{ClientConfig, ClientConnection, Error, NamedGroup, RootCertStore}; use rustls_post_quantum::{MLKEM768, X25519MLKEM768}; @@ -155,10 +154,6 @@ impl SupportedKxGroup for SeparateX25519Mlkem768 { fn name(&self) -> NamedGroup { X25519MLKEM768.name() } - - fn ffdhe_group(&self) -> Option> { - X25519MLKEM768.ffdhe_group() - } } struct Active { diff --git a/rustls-provider-test/Cargo.toml b/rustls-provider-test/Cargo.toml index 205e391df97..2db8f3b4045 100644 --- a/rustls-provider-test/Cargo.toml +++ b/rustls-provider-test/Cargo.toml 
@@ -9,6 +9,6 @@ publish = false [dependencies] hex = "0.4" provider-example = { package = "rustls-provider-example", version = "0.0.1", path = "../provider-example" } -rustls = { version = "0.23.8", features = ["aws_lc_rs", "logging"], path = "../rustls" } +rustls = { version = "0.24.0-dev.0", features = ["aws-lc-rs", "log"], path = "../rustls" } serde = { version = "1", features = ["derive"] } serde_json = "1" diff --git a/rustls-test/src/lib.rs b/rustls-test/src/lib.rs index 696e039ad1f..f36779b5f1a 100644 --- a/rustls-test/src/lib.rs +++ b/rustls-test/src/lib.rs @@ -1169,6 +1169,10 @@ impl ServerCertVerifier for MockServerVerifier { self.signature_schemes.clone() } + fn request_ocsp_response(&self) -> bool { + self.expected_ocsp_response.is_some() + } + fn requires_raw_public_keys(&self) -> bool { self.requires_raw_public_keys } @@ -1250,7 +1254,7 @@ impl Default for MockServerVerifier { #[derive(Debug)] pub struct MockClientVerifier { pub verified: fn() -> Result, - pub subjects: Vec, + pub subjects: Arc<[DistinguishedName]>, pub mandatory: bool, pub offered_schemes: Option>, expect_raw_public_keys: bool, @@ -1269,7 +1273,7 @@ impl MockClientVerifier { .build() .unwrap(), verified, - subjects: get_client_root_store(kt).subjects(), + subjects: Arc::from(get_client_root_store(kt).subjects()), mandatory: true, offered_schemes: None, expect_raw_public_keys: false, @@ -1283,8 +1287,8 @@ impl ClientCertVerifier for MockClientVerifier { self.mandatory } - fn root_hint_subjects(&self) -> &[DistinguishedName] { - &self.subjects + fn root_hint_subjects(&self) -> Arc<[DistinguishedName]> { + self.subjects.clone() } fn verify_client_cert( diff --git a/rustls/Cargo.toml b/rustls/Cargo.toml index 134d4c7c975..e32ede4292a 100644 --- a/rustls/Cargo.toml +++ b/rustls/Cargo.toml 
@@ -1,8 +1,8 @@ [package] name = "rustls" -version = "0.23.28" +version = "0.24.0-dev.0" edition = "2021" -rust-version = "1.71" +rust-version = "1.79" license = "Apache-2.0 OR ISC OR MIT" readme = "../README.md" description = "Rustls is a modern TLS library written in Rust." @@ -15,15 +15,14 @@ exclude = ["src/testdata", "tests/**"] build = "build.rs" [features] -default = ["aws_lc_rs", "logging", "prefer-post-quantum", "std", "tls12"] +default = ["aws-lc-rs", "log", "prefer-post-quantum", "std", "tls12"] -aws-lc-rs = ["aws_lc_rs"] # Alias because Cargo features commonly use `-` -aws_lc_rs = ["dep:aws-lc-rs", "webpki/aws-lc-rs", "aws-lc-rs/aws-lc-sys", "aws-lc-rs/prebuilt-nasm"] +aws-lc-rs = ["dep:aws-lc-rs", "webpki/aws-lc-rs", "aws-lc-rs/aws-lc-sys", "aws-lc-rs/prebuilt-nasm"] brotli = ["dep:brotli", "dep:brotli-decompressor", "std"] custom-provider = [] -fips = ["aws_lc_rs", "aws-lc-rs?/fips", "webpki/aws-lc-rs-fips"] -logging = ["log"] -prefer-post-quantum = ["aws_lc_rs"] +fips = ["aws-lc-rs", "aws-lc-rs?/fips", "webpki/aws-lc-rs-fips"] +log = ["dep:log"] +prefer-post-quantum = ["aws-lc-rs"] read_buf = ["rustversion", "std"] ring = ["dep:ring", "webpki/ring"] std = ["webpki/std", "pki-types/std", "once_cell/std"] diff --git a/rustls/src/builder.rs b/rustls/src/builder.rs index f8ff61405b1..691fb8ae2dd 100644 --- a/rustls/src/builder.rs +++ b/rustls/src/builder.rs @@ -30,7 +30,7 @@ use crate::{ClientConfig, ServerConfig}; /// supported protocol versions. /// /// ``` -/// # #[cfg(feature = "aws_lc_rs")] { +/// # #[cfg(feature = "aws-lc-rs")] { /// # rustls::crypto::aws_lc_rs::default_provider().install_default(); /// use rustls::{ClientConfig, ServerConfig}; /// ClientConfig::builder() 
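Review bot: The features hunk in rustls/Cargo.toml renames `aws_lc_rs` to `aws-lc-rs` and `logging` to `log` and deletes the alias whose comment said dashes are the Cargo convention, yet the `read_buf` context line in the same hunk keeps its underscore; if the 0.24 break is the moment to settle feature naming, `read-buf` belongs in the same sweep, otherwise a short comment on `read_buf` explaining why it is exempt would save the next reader the question. With the alias gone, any downstream `--features aws_lc_rs` or `logging` invocation now fails at feature resolution instead of being silently redirected, which is appropriate for a major bump but should be called out in the migration notes. The builder.rs doc-test `cfg` edits on this line are mechanical.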
@@ -46,7 +46,7 @@ use crate::{ClientConfig, ServerConfig}; /// You may also override the choice of protocol versions: /// /// ```no_run -/// # #[cfg(feature = "aws_lc_rs")] { +/// # #[cfg(feature = "aws-lc-rs")] { /// # rustls::crypto::aws_lc_rs::default_provider().install_default(); /// # use rustls::ServerConfig; /// ServerConfig::builder_with_protocol_versions(&[&rustls::version::TLS13]) @@ -82,7 +82,7 @@ use crate::{ClientConfig, ServerConfig}; /// For example: /// /// ``` -/// # #[cfg(feature = "aws_lc_rs")] { +/// # #[cfg(feature = "aws-lc-rs")] { /// # rustls::crypto::aws_lc_rs::default_provider().install_default(); /// # use rustls::ClientConfig; /// # let root_certs = rustls::RootCertStore::empty(); @@ -106,7 +106,7 @@ use crate::{ClientConfig, ServerConfig}; /// For example: /// /// ```no_run -/// # #[cfg(feature = "aws_lc_rs")] { +/// # #[cfg(feature = "aws-lc-rs")] { /// # rustls::crypto::aws_lc_rs::default_provider().install_default(); /// # use rustls::ServerConfig; /// # let certs = vec![]; diff --git a/rustls/src/client/client_conn.rs b/rustls/src/client/client_conn.rs index d214c2a1f2f..a40043cfda8 100644 --- a/rustls/src/client/client_conn.rs +++ b/rustls/src/client/client_conn.rs @@ -434,11 +434,15 @@ impl ClientConfig { group: NamedGroup, version: ProtocolVersion, ) -> Option<&'static dyn SupportedKxGroup> { + if !group.usable_for_version(version) { + return None; + } + self.provider .kx_groups .iter() + .find(|skxg| skxg.name() == group) .copied() - .find(|skxg| skxg.usable_for_version(version) && skxg.name() == group) } pub(super) fn current_time(&self) -> Result { diff --git a/rustls/src/client/ech.rs b/rustls/src/client/ech.rs index c396076640e..1d4f30d3c17 100644 --- a/rustls/src/client/ech.rs +++ b/rustls/src/client/ech.rs 
@@ -107,7 +107,7 @@ impl EchConfig { // Note: we name the index var _i because if the log feature is disabled // it is unused. - #[cfg_attr(not(feature = "logging"), allow(clippy::unused_enumerate_index))] + #[cfg_attr(not(feature = "log"), allow(clippy::unused_enumerate_index))] for (_i, config) in ech_configs.iter().enumerate() { let contents = match config { EchConfigPayload::V18(contents) => contents, diff --git a/rustls/src/client/handy.rs b/rustls/src/client/handy.rs index 3ad3073bbd7..5954cfbef61 100644 --- a/rustls/src/client/handy.rs +++ b/rustls/src/client/handy.rs @@ -367,6 +367,11 @@ mod tests { fn supported_verify_schemes(&self) -> Vec { unreachable!() } + + #[cfg_attr(coverage_nightly, coverage(off))] + fn request_ocsp_response(&self) -> bool { + unreachable!() + } } #[derive(Debug)] diff --git a/rustls/src/client/hs.rs b/rustls/src/client/hs.rs index 4669f33d081..d42783c42e2 100644 --- a/rustls/src/client/hs.rs +++ b/rustls/src/client/hs.rs @@ -10,7 +10,7 @@ use pki_types::ServerName; use super::tls12; use super::{ResolvesClientCert, Tls12Resumption}; use crate::SupportedCipherSuite; -#[cfg(feature = "logging")] +#[cfg(feature = "log")] use crate::bs_debug; use crate::check::inappropriate_handshake_message; use crate::client::client_conn::ClientConnectionData; @@ -215,8 +215,12 @@ fn emit_client_hello_for_retry( .provider .kx_groups .iter() - .filter(|skxg| supported_versions.any(|v| skxg.usable_for_version(v))) - .map(|skxg| skxg.name()) + .filter_map(|skxg| { + let named_group = skxg.name(); + supported_versions + .any(|v| named_group.usable_for_version(v)) + .then_some(named_group) + }) .collect(), ), supported_versions: Some(supported_versions), 
@@ -226,20 +230,21 @@ fn emit_client_hello_for_retry( .supported_verify_schemes(), ), extended_master_secret_request: Some(()), - certificate_status_request: Some(CertificateStatusRequest::build_ocsp()), + certificate_status_request: match config.verifier.request_ocsp_response() { + true => Some(CertificateStatusRequest::build_ocsp()), + false => None, + }, protocols: extra_exts.protocols.clone(), ..Default::default() }); - match extra_exts.transport_parameters.clone() { - Some(TransportParameters::Quic(v)) => exts.transport_parameters = Some(v), - Some(TransportParameters::QuicDraft(v)) => exts.transport_parameters_draft = Some(v), - None => {} - }; + if let Some(TransportParameters::Quic(v)) = &extra_exts.transport_parameters { + exts.transport_parameters = Some(v.clone()); + } if supported_versions.tls13 { if let Some(cas_extension) = config.verifier.root_hint_subjects() { - exts.certificate_authority_names = Some(cas_extension.to_owned()); + exts.certificate_authority_names = Some(cas_extension.to_vec()); } } diff --git a/rustls/src/client/test.rs b/rustls/src/client/test.rs index f4ea9580ea5..cd3ed9661ff 100644 --- a/rustls/src/client/test.rs +++ b/rustls/src/client/test.rs @@ -1,4 +1,4 @@ -#![cfg(any(feature = "ring", feature = "aws_lc_rs"))] +#![cfg(any(feature = "ring", feature = "aws-lc-rs"))] use core::sync::atomic::{AtomicBool, Ordering}; use std::prelude::v1::*; use std::vec; @@ -181,7 +181,9 @@ mod tests { #[test] fn cas_extension_in_client_hello_if_server_verifier_requests_it() { let cas_sending_server_verifier = - ServerVerifierWithAuthorityNames(vec![DistinguishedName::from(b"hello".to_vec())]); + ServerVerifierWithAuthorityNames(Arc::from(vec![DistinguishedName::from( + b"hello".to_vec(), + )])); for (protocol_version, cas_extension_expected) in [(&version::TLS12, false), (&version::TLS13, true)] 
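Review bot: Replacing the exhaustive `match` on `extra_exts.transport_parameters` with `if let Some(TransportParameters::Quic(v))` means that if a `QuicDraft` variant still exists in the enum it is now silently ignored rather than failing to compile; the tls13.rs hunk further down drops `transport_parameters_draft`, so the variant was most likely removed in this same change, but if it was not, keep a `match` so the compiler flags the omission. Separately, `match config.verifier.request_ocsp_response() { true => Some(..), false => None }` reads more directly as `certificate_status_request: config.verifier.request_ocsp_response().then(CertificateStatusRequest::build_ocsp),` given `build_ocsp` takes no arguments. `emit_client_hello_for_retry` begins and ends outside this hunk.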
@@ -335,6 +337,10 @@ mod tests { todo!() } + fn request_ocsp_response(&self) -> bool { + false + } + fn supported_verify_schemes(&self) -> Vec { vec![SignatureScheme::ECDSA_SHA1_Legacy] } @@ -489,11 +495,11 @@ mod tests { } #[derive(Clone, Debug)] - struct ServerVerifierWithAuthorityNames(Vec); + struct ServerVerifierWithAuthorityNames(Arc<[DistinguishedName]>); impl ServerCertVerifier for ServerVerifierWithAuthorityNames { - fn root_hint_subjects(&self) -> Option<&[DistinguishedName]> { - Some(self.0.as_slice()) + fn root_hint_subjects(&self) -> Option> { + Some(self.0.clone()) } #[cfg_attr(coverage_nightly, coverage(off))] @@ -531,6 +537,10 @@ mod tests { fn supported_verify_schemes(&self) -> Vec { vec![SignatureScheme::RSA_PKCS1_SHA1] } + + fn request_ocsp_response(&self) -> bool { + false + } } #[derive(Debug)] @@ -573,6 +583,10 @@ mod tests { vec![SignatureScheme::RSA_PKCS1_SHA1] } + fn request_ocsp_response(&self) -> bool { + false + } + fn requires_raw_public_keys(&self) -> bool { true } diff --git a/rustls/src/client/tls12.rs b/rustls/src/client/tls12.rs index 0fc5acee04e..41e3d9ef99f 100644 --- a/rustls/src/client/tls12.rs +++ b/rustls/src/client/tls12.rs @@ -478,7 +478,7 @@ impl State for ExpectServerKx<'_> { kx.params.encode(&mut kx_params); let server_kx = ServerKxDetails::new(kx_params, kx.dss); - #[cfg_attr(not(feature = "logging"), allow(unused_variables))] + #[cfg_attr(not(feature = "log"), allow(unused_variables))] { match &kx.params { ServerKeyExchangeParams::Ecdh(ecdhe) => { diff --git a/rustls/src/client/tls13.rs b/rustls/src/client/tls13.rs index d73c5a88117..72390e28cc3 100644 --- a/rustls/src/client/tls13.rs +++ b/rustls/src/client/tls13.rs 
@@ -526,11 +526,7 @@ impl State for ExpectEncryptedExtensions { // QUIC transport parameters if cx.common.is_quic() { - match exts - .transport_parameters - .as_ref() - .or(exts.transport_parameters_draft.as_ref()) - { + match exts.transport_parameters.as_ref() { Some(params) => cx.common.quic.params = Some(params.clone().into_vec()), None => { return Err(cx diff --git a/rustls/src/conn.rs b/rustls/src/conn.rs index 1a95079fada..7517c566c81 100644 --- a/rustls/src/conn.rs +++ b/rustls/src/conn.rs @@ -734,10 +734,7 @@ impl ConnectionCommon { /// [`reader()`]: ConnectionCommon::reader pub fn read_tls(&mut self, rd: &mut dyn io::Read) -> Result { if self.received_plaintext.is_full() { - return Err(io::Error::new( - io::ErrorKind::Other, - "received plaintext buffer full", - )); + return Err(io::Error::other("received plaintext buffer full")); } if self.has_received_close_notify { diff --git a/rustls/src/crypto/aws_lc_rs/pq/hybrid.rs b/rustls/src/crypto/aws_lc_rs/pq/hybrid.rs index 8e30d782edc..ee5975d7f7b 100644 --- a/rustls/src/crypto/aws_lc_rs/pq/hybrid.rs +++ b/rustls/src/crypto/aws_lc_rs/pq/hybrid.rs @@ -3,8 +3,7 @@ use alloc::vec::Vec; use super::INVALID_KEY_SHARE; use crate::crypto::{ActiveKeyExchange, CompletedKeyExchange, SharedSecret, SupportedKxGroup}; -use crate::ffdhe_groups::FfdheGroup; -use crate::{Error, NamedGroup, ProtocolVersion}; +use crate::{Error, NamedGroup}; /// A generalization of hybrid key exchange. #[derive(Debug)] @@ -60,10 +59,6 @@ impl SupportedKxGroup for Hybrid { }) } - fn ffdhe_group(&self) -> Option> { - None - } - fn name(&self) -> NamedGroup { self.name } @@ -88,10 +83,6 @@ impl SupportedKxGroup for Hybrid { false => self.classical.fips(), } } - - fn usable_for_version(&self, version: ProtocolVersion) -> bool { - version == ProtocolVersion::TLSv1_3 - } } struct ActiveHybrid { 
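Review bot: Deleting `usable_for_version` from `Hybrid` removes the only check visible here that kept the ML-KEM hybrid group out of TLS 1.2; the same override is deleted from `MlKem768` in the mlkem.rs hunk, and the trait method itself goes in the crypto/mod.rs hunk, so nothing in this diff replaces it. TLS 1.2 has no KEM-based key exchange, so if the restriction moved elsewhere (a version-aware filter over the configured group list, for example) it is not in this diff and should be pointed at from the commit message; if it did not move, a TLS 1.2 client could now offer these groups and a TLS 1.2 server could select them. A comment on `Hybrid` such as `// TLS 1.3 only: offered/selected only where <NEW FILTER LOCATION> allows it` would tell the next reader where the gate now lives.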
@@ -138,10 +129,6 @@ impl ActiveKeyExchange for ActiveHybrid { &self.combined_pub_key } - fn ffdhe_group(&self) -> Option> { - None - } - fn group(&self) -> NamedGroup { self.name } diff --git a/rustls/src/crypto/aws_lc_rs/pq/mlkem.rs b/rustls/src/crypto/aws_lc_rs/pq/mlkem.rs index fa2be078dd9..b24f4b92806 100644 --- a/rustls/src/crypto/aws_lc_rs/pq/mlkem.rs +++ b/rustls/src/crypto/aws_lc_rs/pq/mlkem.rs @@ -5,8 +5,7 @@ use aws_lc_rs::kem; use super::INVALID_KEY_SHARE; use crate::crypto::{ActiveKeyExchange, CompletedKeyExchange, SharedSecret, SupportedKxGroup}; -use crate::ffdhe_groups::FfdheGroup; -use crate::{Error, NamedGroup, ProtocolVersion}; +use crate::{Error, NamedGroup}; #[derive(Debug)] pub(crate) struct MlKem768; @@ -42,10 +41,6 @@ impl SupportedKxGroup for MlKem768 { }) } - fn ffdhe_group(&self) -> Option> { - None - } - fn name(&self) -> NamedGroup { NamedGroup::MLKEM768 } @@ -65,10 +60,6 @@ impl SupportedKxGroup for MlKem768 { // see super::super::fips() } - - fn usable_for_version(&self, version: ProtocolVersion) -> bool { - version == ProtocolVersion::TLSv1_3 - } } struct Active { @@ -93,10 +84,6 @@ impl ActiveKeyExchange for Active { &self.encaps_key_bytes } - fn ffdhe_group(&self) -> Option> { - None - } - fn group(&self) -> NamedGroup { NamedGroup::MLKEM768 } diff --git a/rustls/src/crypto/aws_lc_rs/ticketer.rs b/rustls/src/crypto/aws_lc_rs/ticketer.rs index 44c7c21b473..e1ba1918f36 100644 --- a/rustls/src/crypto/aws_lc_rs/ticketer.rs +++ b/rustls/src/crypto/aws_lc_rs/ticketer.rs 
@@ -43,7 +43,7 @@ impl Ticketer {
 fn make_ticket_generator() -> Result, GetRandomFailed> {
 // NOTE(XXX): Unconditionally mapping errors to `GetRandomFailed` here is slightly
 // misleading in some cases (e.g. failure to construct a padded block cipher encrypting key).
- // However, we can't change the return type expected from a `TicketSwitcher` `generator`
+ // However, we can't change the return type expected from a `TicketRotator` `generator`
 // without breaking semver.
 // Tracking in https://github.com/rustls/rustls/issues/2074
 Ok(Box::new(
@@ -320,64 +320,6 @@ mod tests {
 assert_eq!(t.decrypt(&cipher3).unwrap(), b"ticket 3");
 }
- #[test]
- fn ticketswitcher_switching_test() {
- #[expect(deprecated)]
- let t = Arc::new(crate::ticketer::TicketSwitcher::new(1, make_ticket_generator).unwrap());
- let now = UnixTime::now();
- let cipher1 = t.encrypt(b"ticket 1").unwrap();
- assert_eq!(t.decrypt(&cipher1).unwrap(), b"ticket 1");
- {
- // Trigger new ticketer
- t.maybe_roll(UnixTime::since_unix_epoch(Duration::from_secs(
- now.as_secs() + 10,
- )));
- }
- let cipher2 = t.encrypt(b"ticket 2").unwrap();
- assert_eq!(t.decrypt(&cipher1).unwrap(), b"ticket 1");
- assert_eq!(t.decrypt(&cipher2).unwrap(), b"ticket 2");
- {
- // Trigger new ticketer
- t.maybe_roll(UnixTime::since_unix_epoch(Duration::from_secs(
- now.as_secs() + 20,
- )));
- }
- let cipher3 = t.encrypt(b"ticket 3").unwrap();
- assert!(t.decrypt(&cipher1).is_none());
- assert_eq!(t.decrypt(&cipher2).unwrap(), b"ticket 2");
- assert_eq!(t.decrypt(&cipher3).unwrap(), b"ticket 3");
- }
-
- #[test]
- fn ticketswitcher_recover_test() {
- #[expect(deprecated)]
- let mut t = crate::ticketer::TicketSwitcher::new(1, make_ticket_generator).unwrap();
- let now = UnixTime::now();
- let cipher1 = t.encrypt(b"ticket 1").unwrap();
- assert_eq!(t.decrypt(&cipher1).unwrap(), b"ticket 1");
- t.generator = fail_generator;
- {
- // Failed new ticketer
- t.maybe_roll(UnixTime::since_unix_epoch(Duration::from_secs(
- now.as_secs() + 10,
- )));
- }
- t.generator = make_ticket_generator;
- let cipher2 = t.encrypt(b"ticket 2").unwrap();
- assert_eq!(t.decrypt(&cipher1).unwrap(), b"ticket 1");
- assert_eq!(t.decrypt(&cipher2).unwrap(), b"ticket 2");
- {
- // recover
- t.maybe_roll(UnixTime::since_unix_epoch(Duration::from_secs(
- now.as_secs() + 20,
- )));
- }
- let cipher3 = t.encrypt(b"ticket 3").unwrap();
- assert!(t.decrypt(&cipher1).is_none());
- assert_eq!(t.decrypt(&cipher2).unwrap(), b"ticket 2");
- assert_eq!(t.decrypt(&cipher3).unwrap(), b"ticket 3");
- }
-
#[test] fn rfc5077ticketer_is_debug_and_producestickets() { use alloc::format; diff --git a/rustls/src/crypto/mod.rs b/rustls/src/crypto/mod.rs index 3ce026b9df1..34abca27694 100644 --- a/rustls/src/crypto/mod.rs +++ b/rustls/src/crypto/mod.rs @@ -26,7 +26,7 @@ use crate::{Error, NamedGroup, ProtocolVersion, SupportedProtocolVersion, suites pub mod ring; /// aws-lc-rs-based CryptoProvider. -#[cfg(feature = "aws_lc_rs")] +#[cfg(feature = "aws-lc-rs")] pub mod aws_lc_rs; /// TLS message encryption/decryption interfaces. @@ -123,7 +123,7 @@ pub use crate::suites::CipherSuiteCommon; /// API (with [`ConfigBuilder::with_single_cert`], etc.), it might look like this: /// /// ``` -/// # #[cfg(feature = "aws_lc_rs")] { +/// # #[cfg(feature = "aws-lc-rs")] { /// # use std::sync::Arc; /// # mod fictious_hsm_api { pub fn load_private_key(key_der: pki_types::PrivateKeyDer<'static>) -> ! { unreachable!(); } } /// use rustls::crypto::aws_lc_rs; @@ -261,7 +261,7 @@ impl CryptoProvider { fn from_crate_features() -> Option { #[cfg(all( feature = "ring", - not(feature = "aws_lc_rs"), + not(feature = "aws-lc-rs"), not(feature = "custom-provider") ))] { @@ -269,7 +269,7 @@ impl CryptoProvider { } #[cfg(all( - feature = "aws_lc_rs", + feature = "aws-lc-rs", not(feature = "ring"), not(feature = "custom-provider") ))] 
@@ -391,19 +391,16 @@ pub trait SupportedKxGroup: Send + Sync + Debug { }) } - /// FFDHE group the `SupportedKxGroup` operates in. + /// FFDHE group the `SupportedKxGroup` operates in, if any. /// - /// Return `None` if this group is not a FFDHE one. + /// The default implementation returns `None`, so non-FFDHE groups (the + /// most common) do not need to do anything. /// - /// The default implementation calls `FfdheGroup::from_named_group`: this function - /// is extremely linker-unfriendly so it is recommended all key exchange implementers - /// provide this function. - /// - /// `rustls::ffdhe_groups` contains suitable values to return from this, - /// for example [`rustls::ffdhe_groups::FFDHE2048`][crate::ffdhe_groups::FFDHE2048]. + /// FFDHE groups must implement this. `rustls::ffdhe_groups` contains + /// suitable values to return, for example + /// [`rustls::ffdhe_groups::FFDHE2048`][crate::ffdhe_groups::FFDHE2048]. fn ffdhe_group(&self) -> Option> { - #[allow(deprecated)] - FfdheGroup::from_named_group(self.name()) + None } /// Named group the SupportedKxGroup operates in. @@ -416,13 +413,6 @@ pub trait SupportedKxGroup: Send + Sync + Debug { fn fips(&self) -> bool { false } - - /// Return `true` if this should be offered/selected with the given version. - /// - /// The default implementation returns true for all versions. - fn usable_for_version(&self, _version: ProtocolVersion) -> bool { - true - } } /// An in-progress key exchange originating from a [`SupportedKxGroup`]. 
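Review bot: The default body of `SupportedKxGroup::ffdhe_group` changes from `FfdheGroup::from_named_group(self.name())` to `None`, so an out-of-tree FFDHE group that relied on the old default now reports itself as non-FFDHE with no compile-time signal; the `ActiveKeyExchange::ffdhe_group` default in the next file hunk changes the same way. The new doc line `FFDHE groups must implement this.` states the rule, but nothing enforces it, and what the TLS 1.2 FFDHE path does when it receives `None` for an `FFDHE*` named group is not visible in this diff. Since the old fallback was dropped deliberately (the `#[allow(deprecated)]` goes with it), the remaining options are a changelog entry naming this as a breaking change for `SupportedKxGroup` implementors and, at the point where the FFDHE group is consumed, a `debug_assert!` that an `FFDHE*` name does not come back with `None`.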
@@ -576,17 +566,14 @@ pub trait ActiveKeyExchange: Send + Sync { /// FFDHE group the `ActiveKeyExchange` is operating in. /// - /// Return `None` if this group is not a FFDHE one. - /// - /// The default implementation calls `FfdheGroup::from_named_group`: this function - /// is extremely linker-unfriendly so it is recommended all key exchange implementers - /// provide this function. + /// The default implementation returns `None`, so non-FFDHE groups (the + /// most common) do not need to do anything. /// - /// `rustls::ffdhe_groups` contains suitable values to return from this, - /// for example [`rustls::ffdhe_groups::FFDHE2048`][crate::ffdhe_groups::FFDHE2048]. + /// FFDHE groups must implement this. `rustls::ffdhe_groups` contains + /// suitable values to return, for example + /// [`rustls::ffdhe_groups::FFDHE2048`][crate::ffdhe_groups::FFDHE2048]. fn ffdhe_group(&self) -> Option> { - #[allow(deprecated)] - FfdheGroup::from_named_group(self.group()) + None } /// Return the group being used. @@ -686,7 +673,7 @@ impl From> for SharedSecret { /// .with_no_client_auth(); /// # } /// ``` -#[cfg(all(feature = "aws_lc_rs", any(feature = "fips", docsrs)))] +#[cfg(all(feature = "aws-lc-rs", any(feature = "fips", docsrs)))] #[cfg_attr(docsrs, doc(cfg(feature = "fips")))] pub fn default_fips_provider() -> CryptoProvider { aws_lc_rs::default_provider() diff --git a/rustls/src/crypto/ring/kx.rs b/rustls/src/crypto/ring/kx.rs index 6e0da22773c..df7ec18ecaa 100644 --- a/rustls/src/crypto/ring/kx.rs +++ b/rustls/src/crypto/ring/kx.rs @@ -5,7 +5,7 @@ use core::fmt; use super::ring_like::agreement; use super::ring_like::rand::SystemRandom; -use crate::crypto::{ActiveKeyExchange, FfdheGroup, SharedSecret, SupportedKxGroup}; +use crate::crypto::{ActiveKeyExchange, SharedSecret, SupportedKxGroup}; use crate::error::{Error, PeerMisbehaved}; use crate::msgs::enums::NamedGroup; use crate::rand::GetRandomFailed; 
@@ -58,10 +58,6 @@ impl SupportedKxGroup for KxGroup { })) } - fn ffdhe_group(&self) -> Option> { - None - } - fn name(&self) -> NamedGroup { self.name } @@ -136,10 +132,6 @@ impl ActiveKeyExchange for KeyExchange { .map_err(|_| PeerMisbehaved::InvalidKeyShare.into()) } - fn ffdhe_group(&self) -> Option> { - None - } - /// Return the group being used. fn group(&self) -> NamedGroup { self.name diff --git a/rustls/src/crypto/ring/ticketer.rs b/rustls/src/crypto/ring/ticketer.rs index 45dcc27a873..ee310098bdf 100644 --- a/rustls/src/crypto/ring/ticketer.rs +++ b/rustls/src/crypto/ring/ticketer.rs @@ -149,7 +149,7 @@ impl ProducesTickets for AeadTicketer { // checking the key_name is the expected one, *and* then putting it into the // additionally authenticated data is duplicative. this check quickly rejects - // tickets for a different ticketer (see `TicketSwitcher`), while including it + // tickets for a different ticketer (see `TicketRotator`), while including it // in the AAD ensures it is authenticated independent of that check and that // any attempted attack on the integrity such as [^1] must happen for each // `key_label`, not over a population of potential keys. this approach 
@@ -288,64 +288,6 @@ mod tests {
 assert_eq!(t.decrypt(&cipher3).unwrap(), b"ticket 3");
 }
- #[test]
- fn ticketswitcher_switching_test() {
- #[expect(deprecated)]
- let t = Arc::new(crate::ticketer::TicketSwitcher::new(1, make_ticket_generator).unwrap());
- let now = UnixTime::now();
- let cipher1 = t.encrypt(b"ticket 1").unwrap();
- assert_eq!(t.decrypt(&cipher1).unwrap(), b"ticket 1");
- {
- // Trigger new ticketer
- t.maybe_roll(UnixTime::since_unix_epoch(Duration::from_secs(
- now.as_secs() + 10,
- )));
- }
- let cipher2 = t.encrypt(b"ticket 2").unwrap();
- assert_eq!(t.decrypt(&cipher1).unwrap(), b"ticket 1");
- assert_eq!(t.decrypt(&cipher2).unwrap(), b"ticket 2");
- {
- // Trigger new ticketer
- t.maybe_roll(UnixTime::since_unix_epoch(Duration::from_secs(
- now.as_secs() + 20,
- )));
- }
- let cipher3 = t.encrypt(b"ticket 3").unwrap();
- assert!(t.decrypt(&cipher1).is_none());
- assert_eq!(t.decrypt(&cipher2).unwrap(), b"ticket 2");
- assert_eq!(t.decrypt(&cipher3).unwrap(), b"ticket 3");
- }
-
- #[test]
- fn ticketswitcher_recover_test() {
- #[expect(deprecated)]
- let mut t = crate::ticketer::TicketSwitcher::new(1, make_ticket_generator).unwrap();
- let now = UnixTime::now();
- let cipher1 = t.encrypt(b"ticket 1").unwrap();
- assert_eq!(t.decrypt(&cipher1).unwrap(), b"ticket 1");
- t.generator = fail_generator;
- {
- // Failed new ticketer
- t.maybe_roll(UnixTime::since_unix_epoch(Duration::from_secs(
- now.as_secs() + 10,
- )));
- }
- t.generator = make_ticket_generator;
- let cipher2 = t.encrypt(b"ticket 2").unwrap();
- assert_eq!(t.decrypt(&cipher1).unwrap(), b"ticket 1");
- assert_eq!(t.decrypt(&cipher2).unwrap(), b"ticket 2");
- {
- // recover
- t.maybe_roll(UnixTime::since_unix_epoch(Duration::from_secs(
- now.as_secs() + 20,
- )));
- }
- let cipher3 = t.encrypt(b"ticket 3").unwrap();
- assert!(t.decrypt(&cipher1).is_none());
- assert_eq!(t.decrypt(&cipher2).unwrap(), b"ticket 2");
- assert_eq!(t.decrypt(&cipher3).unwrap(), b"ticket 3");
- }
-
#[test] fn aeadticketer_is_debug_and_producestickets() { use alloc::format; diff --git a/rustls/src/crypto/signer.rs b/rustls/src/crypto/signer.rs index 76a6189bc52..8a64691cb56 100644 --- a/rustls/src/crypto/signer.rs +++ b/rustls/src/crypto/signer.rs @@ -63,11 +63,11 @@ pub trait SigningKey: Debug + Send + Sync { /// using the chosen scheme. fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option>; - /// Get the RFC 5280-compliant SubjectPublicKeyInfo (SPKI) of this [`SigningKey`] if available. - fn public_key(&self) -> Option> { - // Opt-out by default - None - } + /// Get the RFC 5280-compliant SubjectPublicKeyInfo (SPKI) of this [`SigningKey`]. + /// + /// If an implementation does not have the ability to derive this, + /// it can return `None`. + fn public_key(&self) -> Option>; /// What kind of key we have. fn algorithm(&self) -> SignatureAlgorithm; @@ -116,7 +116,7 @@ impl ResolvesClientCert for SingleCertAndKey { } impl ResolvesServerCert for SingleCertAndKey { - fn resolve(&self, _client_hello: ClientHello<'_>) -> Option> { + fn resolve(&self, _client_hello: &ClientHello<'_>) -> Option> { Some(self.0.clone()) } } @@ -201,7 +201,7 @@ impl CertifiedKey { } } -#[cfg_attr(not(any(feature = "aws_lc_rs", feature = "ring")), allow(dead_code))] +#[cfg_attr(not(any(feature = "aws-lc-rs", feature = "ring")), allow(dead_code))] pub(crate) fn public_key_to_spki( alg_id: &AlgorithmIdentifier, public_key: impl AsRef<[u8]>, diff --git a/rustls/src/enums.rs b/rustls/src/enums.rs index f59ca3f9a46..02f92c3779d 100644 --- a/rustls/src/enums.rs +++ b/rustls/src/enums.rs 
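Review bot: The new doc on `SigningKey::public_key` says an implementation "can return `None`" but not what that costs the caller, which is the one thing an implementor deciding whether to bother deriving the SPKI needs to know; the consequence is not visible in this diff, so it should be stated by whoever knows it, roughly `/// Returning `None` means <WHAT THE LIBRARY CANNOT DO WITHOUT IT>; keys used for that must return `Some`.`. Dropping the default body also turns every external `SigningKey` implementation into a compile error, which is presumably intended for the 0.24 line but deserves a changelog line alongside the `ResolvesServerCert::resolve` signature change in the same file.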
@@ -114,384 +114,350 @@ enum_builder! { /// The `Unknown` item is used when processing unrecognised ordinals. #[repr(u16)] pub enum CipherSuite { - TLS_NULL_WITH_NULL_NULL => 0x0000, - TLS_PSK_WITH_AES_128_GCM_SHA256 => 0x00a8, - TLS_PSK_WITH_AES_256_GCM_SHA384 => 0x00a9, - TLS_EMPTY_RENEGOTIATION_INFO_SCSV => 0x00ff, + /// The `TLS_DHE_RSA_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=Y. Defined in + /// + TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 => 0x009e, + + /// The `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=Y. Defined in + /// + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 => 0x009f, + + /// The `TLS_DHE_PSK_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=Y. Defined in + /// + TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 => 0x00aa, + + /// The `TLS_DHE_PSK_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=Y. Defined in + /// + TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 => 0x00ab, + + /// The `TLS_AES_128_GCM_SHA256` cipher suite. Recommended=Y. Defined in + /// TLS13_AES_128_GCM_SHA256 => 0x1301, + + /// The `TLS_AES_256_GCM_SHA384` cipher suite. Recommended=Y. Defined in + /// TLS13_AES_256_GCM_SHA384 => 0x1302, + + /// The `TLS_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=Y. Defined in + /// TLS13_CHACHA20_POLY1305_SHA256 => 0x1303, + + /// The `TLS_AES_128_CCM_SHA256` cipher suite. Recommended=Y. Defined in + /// TLS13_AES_128_CCM_SHA256 => 0x1304, - TLS13_AES_128_CCM_8_SHA256 => 0x1305, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA => 0xc009, - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA => 0xc00a, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA => 0xc013, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA => 0xc014, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 => 0xc023, - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 => 0xc024, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 => 0xc027, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 => 0xc028, + + /// The `TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=Y. 
Defined in + /// TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 => 0xc02b, + + /// The `TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=Y. Defined in + /// TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 => 0xc02c, + + /// The `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=Y. Defined in + /// TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 => 0xc02f, + + /// The `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=Y. Defined in + /// TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 => 0xc030, + + /// The `TLS_DHE_RSA_WITH_AES_128_CCM` cipher suite. Recommended=Y. Defined in + /// + TLS_DHE_RSA_WITH_AES_128_CCM => 0xc09e, + + /// The `TLS_DHE_RSA_WITH_AES_256_CCM` cipher suite. Recommended=Y. Defined in + /// + TLS_DHE_RSA_WITH_AES_256_CCM => 0xc09f, + + /// The `TLS_DHE_PSK_WITH_AES_128_CCM` cipher suite. Recommended=Y. Defined in + /// + TLS_DHE_PSK_WITH_AES_128_CCM => 0xc0a6, + + /// The `TLS_DHE_PSK_WITH_AES_256_CCM` cipher suite. Recommended=Y. Defined in + /// + TLS_DHE_PSK_WITH_AES_256_CCM => 0xc0a7, + + /// The `TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=Y. Defined in + /// TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 => 0xcca8, + + /// The `TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=Y. Defined in + /// TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 => 0xcca9, + /// The `TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=Y. Defined in + /// + TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 => 0xccaa, + + /// The `TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=Y. Defined in + /// + TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 => 0xccac, + + /// The `TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=Y. Defined in + /// + TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 => 0xccad, + + /// The `TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=Y. 
Defined in + /// + TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 => 0xd001, + + /// The `TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=Y. Defined in + /// + TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 => 0xd002, + + /// The `TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256` cipher suite. Recommended=Y. Defined in + /// + TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 => 0xd005, + !Debug: - TLS_RSA_WITH_NULL_MD5 => 0x0001, - TLS_RSA_WITH_NULL_SHA => 0x0002, - TLS_RSA_EXPORT_WITH_RC4_40_MD5 => 0x0003, - TLS_RSA_WITH_RC4_128_MD5 => 0x0004, - TLS_RSA_WITH_RC4_128_SHA => 0x0005, - TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 => 0x0006, - TLS_RSA_WITH_IDEA_CBC_SHA => 0x0007, - TLS_RSA_EXPORT_WITH_DES40_CBC_SHA => 0x0008, - TLS_RSA_WITH_DES_CBC_SHA => 0x0009, - TLS_RSA_WITH_3DES_EDE_CBC_SHA => 0x000a, - TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA => 0x000b, - TLS_DH_DSS_WITH_DES_CBC_SHA => 0x000c, - TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA => 0x000d, - TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA => 0x000e, - TLS_DH_RSA_WITH_DES_CBC_SHA => 0x000f, - TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA => 0x0010, - TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA => 0x0011, - TLS_DHE_DSS_WITH_DES_CBC_SHA => 0x0012, - TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA => 0x0013, - TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA => 0x0014, - TLS_DHE_RSA_WITH_DES_CBC_SHA => 0x0015, - TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA => 0x0016, - TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 => 0x0017, - TLS_DH_anon_WITH_RC4_128_MD5 => 0x0018, - TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA => 0x0019, - TLS_DH_anon_WITH_DES_CBC_SHA => 0x001a, - TLS_DH_anon_WITH_3DES_EDE_CBC_SHA => 0x001b, - SSL_FORTEZZA_KEA_WITH_NULL_SHA => 0x001c, - SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA => 0x001d, - TLS_KRB5_WITH_DES_CBC_SHA_or_SSL_FORTEZZA_KEA_WITH_RC4_128_SHA => 0x001e, - TLS_KRB5_WITH_3DES_EDE_CBC_SHA => 0x001f, - TLS_KRB5_WITH_RC4_128_SHA => 0x0020, - TLS_KRB5_WITH_IDEA_CBC_SHA => 0x0021, - TLS_KRB5_WITH_DES_CBC_MD5 => 0x0022, - TLS_KRB5_WITH_3DES_EDE_CBC_MD5 => 0x0023, - TLS_KRB5_WITH_RC4_128_MD5 => 0x0024, - 
TLS_KRB5_WITH_IDEA_CBC_MD5 => 0x0025, - TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA => 0x0026, - TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA => 0x0027, - TLS_KRB5_EXPORT_WITH_RC4_40_SHA => 0x0028, - TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 => 0x0029, - TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 => 0x002a, - TLS_KRB5_EXPORT_WITH_RC4_40_MD5 => 0x002b, - TLS_PSK_WITH_NULL_SHA => 0x002c, - TLS_DHE_PSK_WITH_NULL_SHA => 0x002d, - TLS_RSA_PSK_WITH_NULL_SHA => 0x002e, + /// The `TLS_RSA_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in + /// TLS_RSA_WITH_AES_128_CBC_SHA => 0x002f, - TLS_DH_DSS_WITH_AES_128_CBC_SHA => 0x0030, - TLS_DH_RSA_WITH_AES_128_CBC_SHA => 0x0031, - TLS_DHE_DSS_WITH_AES_128_CBC_SHA => 0x0032, + + /// The `TLS_DHE_RSA_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in + /// TLS_DHE_RSA_WITH_AES_128_CBC_SHA => 0x0033, - TLS_DH_anon_WITH_AES_128_CBC_SHA => 0x0034, + + /// The `TLS_RSA_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in + /// TLS_RSA_WITH_AES_256_CBC_SHA => 0x0035, - TLS_DH_DSS_WITH_AES_256_CBC_SHA => 0x0036, - TLS_DH_RSA_WITH_AES_256_CBC_SHA => 0x0037, - TLS_DHE_DSS_WITH_AES_256_CBC_SHA => 0x0038, + + /// The `TLS_DHE_RSA_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in + /// TLS_DHE_RSA_WITH_AES_256_CBC_SHA => 0x0039, - TLS_DH_anon_WITH_AES_256_CBC_SHA => 0x003a, - TLS_RSA_WITH_NULL_SHA256 => 0x003b, + + /// The `TLS_RSA_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in + /// TLS_RSA_WITH_AES_128_CBC_SHA256 => 0x003c, + + /// The `TLS_RSA_WITH_AES_256_CBC_SHA256` cipher suite. Recommended=N. 
Defined in + /// TLS_RSA_WITH_AES_256_CBC_SHA256 => 0x003d, - TLS_DH_DSS_WITH_AES_128_CBC_SHA256 => 0x003e, - TLS_DH_RSA_WITH_AES_128_CBC_SHA256 => 0x003f, - TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 => 0x0040, - TLS_RSA_WITH_CAMELLIA_128_CBC_SHA => 0x0041, - TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA => 0x0042, - TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA => 0x0043, - TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA => 0x0044, - TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA => 0x0045, - TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA => 0x0046, - TLS_ECDH_ECDSA_WITH_NULL_SHA_draft => 0x0047, - TLS_ECDH_ECDSA_WITH_RC4_128_SHA_draft => 0x0048, - TLS_ECDH_ECDSA_WITH_DES_CBC_SHA_draft => 0x0049, - TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA_draft => 0x004a, - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA_draft => 0x004b, - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA_draft => 0x004c, - TLS_ECDH_ECNRA_WITH_DES_CBC_SHA_draft => 0x004d, - TLS_ECDH_ECNRA_WITH_3DES_EDE_CBC_SHA_draft => 0x004e, - TLS_ECMQV_ECDSA_NULL_SHA_draft => 0x004f, - TLS_ECMQV_ECDSA_WITH_RC4_128_SHA_draft => 0x0050, - TLS_ECMQV_ECDSA_WITH_DES_CBC_SHA_draft => 0x0051, - TLS_ECMQV_ECDSA_WITH_3DES_EDE_CBC_SHA_draft => 0x0052, - TLS_ECMQV_ECNRA_NULL_SHA_draft => 0x0053, - TLS_ECMQV_ECNRA_WITH_RC4_128_SHA_draft => 0x0054, - TLS_ECMQV_ECNRA_WITH_DES_CBC_SHA_draft => 0x0055, - TLS_ECMQV_ECNRA_WITH_3DES_EDE_CBC_SHA_draft => 0x0056, - TLS_ECDH_anon_NULL_WITH_SHA_draft => 0x0057, - TLS_ECDH_anon_WITH_RC4_128_SHA_draft => 0x0058, - TLS_ECDH_anon_WITH_DES_CBC_SHA_draft => 0x0059, - TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA_draft => 0x005a, - TLS_ECDH_anon_EXPORT_WITH_DES40_CBC_SHA_draft => 0x005b, - TLS_ECDH_anon_EXPORT_WITH_RC4_40_SHA_draft => 0x005c, - TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 => 0x0060, - TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 => 0x0061, - TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA => 0x0062, - TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA => 0x0063, - TLS_RSA_EXPORT1024_WITH_RC4_56_SHA => 0x0064, - TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA => 0x0065, - TLS_DHE_DSS_WITH_RC4_128_SHA => 0x0066, 
+ + /// The `TLS_DHE_RSA_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in + /// TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 => 0x0067, - TLS_DH_DSS_WITH_AES_256_CBC_SHA256 => 0x0068, - TLS_DH_RSA_WITH_AES_256_CBC_SHA256 => 0x0069, - TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 => 0x006a, + + /// The `TLS_DHE_RSA_WITH_AES_256_CBC_SHA256` cipher suite. Recommended=N. Defined in + /// TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 => 0x006b, - TLS_DH_anon_WITH_AES_128_CBC_SHA256 => 0x006c, - TLS_DH_anon_WITH_AES_256_CBC_SHA256 => 0x006d, - TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD => 0x0072, - TLS_DHE_DSS_WITH_AES_128_CBC_RMD => 0x0073, - TLS_DHE_DSS_WITH_AES_256_CBC_RMD => 0x0074, - TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD => 0x0077, - TLS_DHE_RSA_WITH_AES_128_CBC_RMD => 0x0078, - TLS_DHE_RSA_WITH_AES_256_CBC_RMD => 0x0079, - TLS_RSA_WITH_3DES_EDE_CBC_RMD => 0x007c, - TLS_RSA_WITH_AES_128_CBC_RMD => 0x007d, - TLS_RSA_WITH_AES_256_CBC_RMD => 0x007e, - TLS_GOSTR341094_WITH_28147_CNT_IMIT => 0x0080, - TLS_GOSTR341001_WITH_28147_CNT_IMIT => 0x0081, - TLS_GOSTR341094_WITH_NULL_GOSTR3411 => 0x0082, - TLS_GOSTR341001_WITH_NULL_GOSTR3411 => 0x0083, - TLS_RSA_WITH_CAMELLIA_256_CBC_SHA => 0x0084, - TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA => 0x0085, - TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA => 0x0086, - TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA => 0x0087, - TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA => 0x0088, - TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA => 0x0089, - TLS_PSK_WITH_RC4_128_SHA => 0x008a, - TLS_PSK_WITH_3DES_EDE_CBC_SHA => 0x008b, + + /// The `TLS_PSK_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in + /// TLS_PSK_WITH_AES_128_CBC_SHA => 0x008c, + + /// The `TLS_PSK_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in + /// TLS_PSK_WITH_AES_256_CBC_SHA => 0x008d, - TLS_DHE_PSK_WITH_RC4_128_SHA => 0x008e, - TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA => 0x008f, + + /// The `TLS_DHE_PSK_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. 
Defined in + /// TLS_DHE_PSK_WITH_AES_128_CBC_SHA => 0x0090, + + /// The `TLS_DHE_PSK_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in + /// TLS_DHE_PSK_WITH_AES_256_CBC_SHA => 0x0091, - TLS_RSA_PSK_WITH_RC4_128_SHA => 0x0092, - TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA => 0x0093, + + /// The `TLS_RSA_PSK_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in + /// TLS_RSA_PSK_WITH_AES_128_CBC_SHA => 0x0094, + + /// The `TLS_RSA_PSK_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in + /// TLS_RSA_PSK_WITH_AES_256_CBC_SHA => 0x0095, - TLS_RSA_WITH_SEED_CBC_SHA => 0x0096, - TLS_DH_DSS_WITH_SEED_CBC_SHA => 0x0097, - TLS_DH_RSA_WITH_SEED_CBC_SHA => 0x0098, - TLS_DHE_DSS_WITH_SEED_CBC_SHA => 0x0099, - TLS_DHE_RSA_WITH_SEED_CBC_SHA => 0x009a, - TLS_DH_anon_WITH_SEED_CBC_SHA => 0x009b, + + /// The `TLS_RSA_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=N. Defined in + /// TLS_RSA_WITH_AES_128_GCM_SHA256 => 0x009c, + + /// The `TLS_RSA_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=N. Defined in + /// TLS_RSA_WITH_AES_256_GCM_SHA384 => 0x009d, - TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 => 0x009e, - TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 => 0x009f, - TLS_DH_RSA_WITH_AES_128_GCM_SHA256 => 0x00a0, - TLS_DH_RSA_WITH_AES_256_GCM_SHA384 => 0x00a1, - TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 => 0x00a2, - TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 => 0x00a3, - TLS_DH_DSS_WITH_AES_128_GCM_SHA256 => 0x00a4, - TLS_DH_DSS_WITH_AES_256_GCM_SHA384 => 0x00a5, - TLS_DH_anon_WITH_AES_128_GCM_SHA256 => 0x00a6, - TLS_DH_anon_WITH_AES_256_GCM_SHA384 => 0x00a7, - TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 => 0x00aa, - TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 => 0x00ab, + + /// The `TLS_PSK_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=N. Defined in + /// + TLS_PSK_WITH_AES_128_GCM_SHA256 => 0x00a8, + + /// The `TLS_PSK_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=N. 
Defined in + /// + TLS_PSK_WITH_AES_256_GCM_SHA384 => 0x00a9, + + /// The `TLS_RSA_PSK_WITH_AES_128_GCM_SHA256` cipher suite. Recommended=N. Defined in + /// TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 => 0x00ac, + + /// The `TLS_RSA_PSK_WITH_AES_256_GCM_SHA384` cipher suite. Recommended=N. Defined in + /// TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 => 0x00ad, + + /// The `TLS_PSK_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in + /// TLS_PSK_WITH_AES_128_CBC_SHA256 => 0x00ae, + + /// The `TLS_PSK_WITH_AES_256_CBC_SHA384` cipher suite. Recommended=N. Defined in + /// TLS_PSK_WITH_AES_256_CBC_SHA384 => 0x00af, - TLS_PSK_WITH_NULL_SHA256 => 0x00b0, - TLS_PSK_WITH_NULL_SHA384 => 0x00b1, + + /// The `TLS_DHE_PSK_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in + /// TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 => 0x00b2, + + /// The `TLS_DHE_PSK_WITH_AES_256_CBC_SHA384` cipher suite. Recommended=N. Defined in + /// TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 => 0x00b3, - TLS_DHE_PSK_WITH_NULL_SHA256 => 0x00b4, - TLS_DHE_PSK_WITH_NULL_SHA384 => 0x00b5, + + /// The `TLS_RSA_PSK_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in + /// TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 => 0x00b6, + + /// The `TLS_RSA_PSK_WITH_AES_256_CBC_SHA384` cipher suite. Recommended=N. 
Defined in + /// TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 => 0x00b7, - TLS_RSA_PSK_WITH_NULL_SHA256 => 0x00b8, - TLS_RSA_PSK_WITH_NULL_SHA384 => 0x00b9, - TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 => 0x00ba, - TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 => 0x00bb, - TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 => 0x00bc, - TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 => 0x00bd, - TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 => 0x00be, - TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 => 0x00bf, - TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 => 0x00c0, - TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 => 0x00c1, - TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 => 0x00c2, - TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 => 0x00c3, - TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 => 0x00c4, - TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 => 0x00c5, - TLS_ECDH_ECDSA_WITH_NULL_SHA => 0xc001, - TLS_ECDH_ECDSA_WITH_RC4_128_SHA => 0xc002, - TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA => 0xc003, - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA => 0xc004, - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA => 0xc005, - TLS_ECDHE_ECDSA_WITH_NULL_SHA => 0xc006, - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA => 0xc007, - TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA => 0xc008, - TLS_ECDH_RSA_WITH_NULL_SHA => 0xc00b, - TLS_ECDH_RSA_WITH_RC4_128_SHA => 0xc00c, - TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA => 0xc00d, - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA => 0xc00e, - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA => 0xc00f, - TLS_ECDHE_RSA_WITH_NULL_SHA => 0xc010, - TLS_ECDHE_RSA_WITH_RC4_128_SHA => 0xc011, - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA => 0xc012, - TLS_ECDH_anon_WITH_NULL_SHA => 0xc015, - TLS_ECDH_anon_WITH_RC4_128_SHA => 0xc016, - TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA => 0xc017, - TLS_ECDH_anon_WITH_AES_128_CBC_SHA => 0xc018, - TLS_ECDH_anon_WITH_AES_256_CBC_SHA => 0xc019, - TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA => 0xc01a, - TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA => 0xc01b, - TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA => 0xc01c, - TLS_SRP_SHA_WITH_AES_128_CBC_SHA => 0xc01d, - TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA => 0xc01e, - 
TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA => 0xc01f, - TLS_SRP_SHA_WITH_AES_256_CBC_SHA => 0xc020, - TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA => 0xc021, - TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA => 0xc022, - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 => 0xc025, - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 => 0xc026, - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 => 0xc029, - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 => 0xc02a, - TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 => 0xc02d, - TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 => 0xc02e, - TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 => 0xc031, - TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 => 0xc032, - TLS_ECDHE_PSK_WITH_RC4_128_SHA => 0xc033, - TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA => 0xc034, + + /// The `TLS_EMPTY_RENEGOTIATION_INFO_SCSV` cipher suite. Recommended=N. Defined in + /// + TLS_EMPTY_RENEGOTIATION_INFO_SCSV => 0x00ff, + + /// The `TLS_AES_128_CCM_8_SHA256` cipher suite. Recommended=N. Defined in + /// + TLS13_AES_128_CCM_8_SHA256 => 0x1305, + + /// The `TLS_FALLBACK_SCSV` cipher suite. Recommended=N. Defined in + /// + TLS_FALLBACK_SCSV => 0x5600, + + /// The `TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in + /// + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA => 0xc009, + + /// The `TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in + /// + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA => 0xc00a, + + /// The `TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in + /// + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA => 0xc013, + + /// The `TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in + /// + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA => 0xc014, + + /// The `TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in + /// + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 => 0xc023, + + /// The `TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384` cipher suite. Recommended=N. 
Defined in + /// + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 => 0xc024, + + /// The `TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in + /// + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 => 0xc027, + + /// The `TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384` cipher suite. Recommended=N. Defined in + /// + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 => 0xc028, + + /// The `TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA` cipher suite. Recommended=N. Defined in + /// TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA => 0xc035, + + /// The `TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA` cipher suite. Recommended=N. Defined in + /// TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA => 0xc036, + + /// The `TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256` cipher suite. Recommended=N. Defined in + /// TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 => 0xc037, + + /// The `TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384` cipher suite. Recommended=N. Defined in + /// TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 => 0xc038, - TLS_ECDHE_PSK_WITH_NULL_SHA => 0xc039, - TLS_ECDHE_PSK_WITH_NULL_SHA256 => 0xc03a, - TLS_ECDHE_PSK_WITH_NULL_SHA384 => 0xc03b, - TLS_RSA_WITH_ARIA_128_CBC_SHA256 => 0xc03c, - TLS_RSA_WITH_ARIA_256_CBC_SHA384 => 0xc03d, - TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 => 0xc03e, - TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 => 0xc03f, - TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 => 0xc040, - TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 => 0xc041, - TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 => 0xc042, - TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 => 0xc043, - TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 => 0xc044, - TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 => 0xc045, - TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 => 0xc046, - TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 => 0xc047, - TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 => 0xc048, - TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 => 0xc049, - TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 => 0xc04a, - TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 => 0xc04b, - TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 => 0xc04c, - TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 => 0xc04d, - 
TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 => 0xc04e, - TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 => 0xc04f, - TLS_RSA_WITH_ARIA_128_GCM_SHA256 => 0xc050, - TLS_RSA_WITH_ARIA_256_GCM_SHA384 => 0xc051, - TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 => 0xc052, - TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 => 0xc053, - TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 => 0xc054, - TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 => 0xc055, - TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 => 0xc056, - TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 => 0xc057, - TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 => 0xc058, - TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 => 0xc059, - TLS_DH_anon_WITH_ARIA_128_GCM_SHA256 => 0xc05a, - TLS_DH_anon_WITH_ARIA_256_GCM_SHA384 => 0xc05b, - TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 => 0xc05c, - TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 => 0xc05d, - TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 => 0xc05e, - TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 => 0xc05f, - TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 => 0xc060, - TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 => 0xc061, - TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 => 0xc062, - TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 => 0xc063, - TLS_PSK_WITH_ARIA_128_CBC_SHA256 => 0xc064, - TLS_PSK_WITH_ARIA_256_CBC_SHA384 => 0xc065, - TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 => 0xc066, - TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 => 0xc067, - TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 => 0xc068, - TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 => 0xc069, - TLS_PSK_WITH_ARIA_128_GCM_SHA256 => 0xc06a, - TLS_PSK_WITH_ARIA_256_GCM_SHA384 => 0xc06b, - TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 => 0xc06c, - TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 => 0xc06d, - TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 => 0xc06e, - TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 => 0xc06f, - TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 => 0xc070, - TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 => 0xc071, - TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 => 0xc072, - TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 => 0xc073, - TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 => 0xc074, - 
TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 => 0xc075, - TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 => 0xc076, - TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 => 0xc077, - TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 => 0xc078, - TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 => 0xc079, - TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 => 0xc07a, - TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 => 0xc07b, - TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 => 0xc07c, - TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 => 0xc07d, - TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 => 0xc07e, - TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 => 0xc07f, - TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 => 0xc080, - TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 => 0xc081, - TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 => 0xc082, - TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 => 0xc083, - TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 => 0xc084, - TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 => 0xc085, - TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 => 0xc086, - TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 => 0xc087, - TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 => 0xc088, - TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 => 0xc089, - TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 => 0xc08a, - TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 => 0xc08b, - TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 => 0xc08c, - TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 => 0xc08d, - TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 => 0xc08e, - TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 => 0xc08f, - TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 => 0xc090, - TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 => 0xc091, - TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 => 0xc092, - TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 => 0xc093, - TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 => 0xc094, - TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 => 0xc095, - TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 => 0xc096, - TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 => 0xc097, - TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 => 0xc098, - TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 => 0xc099, - 
TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 => 0xc09a, - TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 => 0xc09b, + + /// The `TLS_RSA_WITH_AES_128_CCM` cipher suite. Recommended=N. Defined in + /// TLS_RSA_WITH_AES_128_CCM => 0xc09c, + + /// The `TLS_RSA_WITH_AES_256_CCM` cipher suite. Recommended=N. Defined in + /// TLS_RSA_WITH_AES_256_CCM => 0xc09d, - TLS_DHE_RSA_WITH_AES_128_CCM => 0xc09e, - TLS_DHE_RSA_WITH_AES_256_CCM => 0xc09f, + + /// The `TLS_RSA_WITH_AES_128_CCM_8` cipher suite. Recommended=N. Defined in + /// TLS_RSA_WITH_AES_128_CCM_8 => 0xc0a0, + + /// The `TLS_RSA_WITH_AES_256_CCM_8` cipher suite. Recommended=N. Defined in + /// TLS_RSA_WITH_AES_256_CCM_8 => 0xc0a1, + + /// The `TLS_DHE_RSA_WITH_AES_128_CCM_8` cipher suite. Recommended=N. Defined in + /// TLS_DHE_RSA_WITH_AES_128_CCM_8 => 0xc0a2, + + /// The `TLS_DHE_RSA_WITH_AES_256_CCM_8` cipher suite. Recommended=N. Defined in + /// TLS_DHE_RSA_WITH_AES_256_CCM_8 => 0xc0a3, + + /// The `TLS_PSK_WITH_AES_128_CCM` cipher suite. Recommended=N. Defined in + /// TLS_PSK_WITH_AES_128_CCM => 0xc0a4, + + /// The `TLS_PSK_WITH_AES_256_CCM` cipher suite. Recommended=N. Defined in + /// TLS_PSK_WITH_AES_256_CCM => 0xc0a5, - TLS_DHE_PSK_WITH_AES_128_CCM => 0xc0a6, - TLS_DHE_PSK_WITH_AES_256_CCM => 0xc0a7, + + /// The `TLS_PSK_WITH_AES_128_CCM_8` cipher suite. Recommended=N. Defined in + /// TLS_PSK_WITH_AES_128_CCM_8 => 0xc0a8, + + /// The `TLS_PSK_WITH_AES_256_CCM_8` cipher suite. Recommended=N. Defined in + /// TLS_PSK_WITH_AES_256_CCM_8 => 0xc0a9, + + /// The `TLS_PSK_DHE_WITH_AES_128_CCM_8` cipher suite. Recommended=N. Defined in + /// TLS_PSK_DHE_WITH_AES_128_CCM_8 => 0xc0aa, + + /// The `TLS_PSK_DHE_WITH_AES_256_CCM_8` cipher suite. Recommended=N. Defined in + /// TLS_PSK_DHE_WITH_AES_256_CCM_8 => 0xc0ab, + + /// The `TLS_ECDHE_ECDSA_WITH_AES_128_CCM` cipher suite. Recommended=N. Defined in + /// TLS_ECDHE_ECDSA_WITH_AES_128_CCM => 0xc0ac, + + /// The `TLS_ECDHE_ECDSA_WITH_AES_256_CCM` cipher suite. 
Recommended=N. Defined in + /// TLS_ECDHE_ECDSA_WITH_AES_256_CCM => 0xc0ad, + + /// The `TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8` cipher suite. Recommended=N. Defined in + /// TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 => 0xc0ae, + + /// The `TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8` cipher suite. Recommended=N. Defined in + /// TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 => 0xc0af, - TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 => 0xccaa, + + /// The `TLS_SHA256_SHA256` cipher suite. Recommended=N. Defined in + /// + TLS_SHA256_SHA256 => 0xc0b4, + + /// The `TLS_SHA384_SHA384` cipher suite. Recommended=N. Defined in + /// + TLS_SHA384_SHA384 => 0xc0b5, + + /// The `TLS_PSK_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=N. Defined in + /// TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 => 0xccab, - TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 => 0xccac, - TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 => 0xccad, + + /// The `TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256` cipher suite. Recommended=N. Defined in + /// TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 => 0xccae, - SSL_RSA_FIPS_WITH_DES_CBC_SHA => 0xfefe, - SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA => 0xfeff, + + /// The `TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256` cipher suite. Recommended=N. Defined in + /// + TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 => 0xd003, } } diff --git a/rustls/src/key_log_file.rs b/rustls/src/key_log_file.rs index 45f29da552c..b9eb44de23e 100644 --- a/rustls/src/key_log_file.rs +++ b/rustls/src/key_log_file.rs @@ -25,7 +25,7 @@ impl KeyLogFileInner { }; }; - #[cfg_attr(not(feature = "logging"), allow(unused_variables))] + #[cfg_attr(not(feature = "log"), allow(unused_variables))] let file = match OpenOptions::new() .append(true) .create(true) @@ -93,7 +93,7 @@ impl KeyLogFile { impl KeyLog for KeyLogFile { fn log(&self, label: &str, client_random: &[u8], secret: &[u8]) { - #[cfg_attr(not(feature = "logging"), allow(unused_variables))] + #[cfg_attr(not(feature = "log"), allow(unused_variables))] match self .0 .lock() 
diff --git a/rustls/src/lib.rs b/rustls/src/lib.rs index 845f4e94de0..ac33337aab1 100644 --- a/rustls/src/lib.rs +++ b/rustls/src/lib.rs @@ -24,7 +24,7 @@ //! Specifying `default-features = false` when depending on rustls will remove the implicit //! dependency on aws-lc-rs. //! -//! Rustls requires Rust 1.71 or later. It has an optional dependency on zlib-rs which requires 1.75 or later. +//! Rustls requires Rust 1.79 or later. //! //! [ring-target-platforms]: https://github.com/briansmith/ring/blob/2e8363b433fa3b3962c877d9ed2e9145612f3160/include/ring-core/target.h#L18-L64 //! [`crypto::CryptoProvider`]: crate::crypto::CryptoProvider @@ -46,7 +46,7 @@ //! //! Rustls ships with two built-in providers controlled by associated crate features: //! -//! * [`aws-lc-rs`] - enabled by default, available with the `aws_lc_rs` crate feature enabled. +//! * [`aws-lc-rs`] - enabled by default, available with the `aws-lc-rs` crate feature enabled. //! * [`ring`] - available with the `ring` crate feature enabled. //! //! See the documentation for [`crypto::CryptoProvider`] for details on how providers are @@ -159,7 +159,7 @@ //! and use it for all connections made by that process. //! //! ```rust,no_run -//! # #[cfg(feature = "aws_lc_rs")] { +//! # #[cfg(feature = "aws-lc-rs")] { //! # let root_store: rustls::RootCertStore = panic!(); //! let config = rustls::ClientConfig::builder() //! .with_root_certificates(root_store) @@ -171,7 +171,7 @@ //! know what to expect to find in the server's certificate. //! //! ```rust -//! # #[cfg(feature = "aws_lc_rs")] { +//! # #[cfg(feature = "aws-lc-rs")] { //! # use rustls; //! # use webpki; //! # use std::sync::Arc; @@ -214,7 +214,7 @@ //! errors. //! //! ```rust,no_run -//! # #[cfg(feature = "aws_lc_rs")] { +//! # #[cfg(feature = "aws-lc-rs")] { //! # let mut client = rustls::ClientConnection::new(panic!(), panic!()).unwrap(); //! # struct Socket { } //! # impl Socket { 
@@ -279,7 +279,7 @@ //! - `std` (enabled by default): enable the high-level (buffered) Connection API and other functionality //! which relies on the `std` library. //! -//! - `aws_lc_rs` (enabled by default): makes the rustls crate depend on the [`aws-lc-rs`] crate. +//! - `aws-lc-rs` (enabled by default): makes the rustls crate depend on the [`aws-lc-rs`] crate. //! Use `rustls::crypto::aws_lc_rs::default_provider().install_default()` to //! use it as the default `CryptoProvider`, or provide it explicitly //! when making a `ClientConfig` or `ServerConfig`. @@ -293,7 +293,7 @@ //! when making a `ClientConfig` or `ServerConfig`. //! //! - `fips`: enable support for FIPS140-3-approved cryptography, via the [`aws-lc-rs`] crate. -//! This feature enables the `aws_lc_rs` crate feature, which makes the rustls crate depend +//! This feature enables the `aws-lc-rs` crate feature, which makes the rustls crate depend //! on [aws-lc-rs](https://github.com/aws/aws-lc-rs). It also changes the default //! for [`ServerConfig::require_ems`] and [`ClientConfig::require_ems`]. //! @@ -313,7 +313,7 @@ //! TLS 1.2 for security reasons, consider explicitly enabling TLS 1.3 only in the config //! builder API. //! -//! - `logging` (enabled by default): make the rustls crate depend on the `log` crate. +//! - `log` (enabled by default): make the rustls crate depend on the `log` crate. //! rustls outputs interesting protocol-level messages at `trace!` and `debug!` level, //! and protocol-level errors at `warn!` and `error!` level. The log messages do not //! contain secret key data, and so are safe to archive without affecting session security. @@ -400,10 +400,10 @@ use crate::crypto::CryptoProvider; extern crate test; // log for logging (optional). -#[cfg(feature = "logging")] +#[cfg(feature = "log")] use log; -#[cfg(not(feature = "logging"))] +#[cfg(not(feature = "log"))] mod log { macro_rules! trace ( ($($tt:tt)*) => {{}} ); macro_rules! debug ( ($($tt:tt)*) => {{}} ); 
@@ -451,7 +451,7 @@ mod verifybench; mod x509; #[macro_use] mod check; -#[cfg(feature = "logging")] +#[cfg(feature = "log")] mod bs_debug; mod builder; mod enums; @@ -568,8 +568,6 @@ pub use crate::suites::{ }; #[cfg(feature = "std")] pub use crate::ticketer::TicketRotator; -#[cfg(any(feature = "std", feature = "hashbrown"))] // < XXX: incorrect feature gate -pub use crate::ticketer::TicketSwitcher; #[cfg(feature = "tls12")] pub use crate::tls12::Tls12CipherSuite; pub use crate::tls13::Tls13CipherSuite; diff --git a/rustls/src/msgs/enums.rs b/rustls/src/msgs/enums.rs index 75b16326c40..93914f6a7e7 100644 --- a/rustls/src/msgs/enums.rs +++ b/rustls/src/msgs/enums.rs @@ -1,6 +1,7 @@ #![allow(clippy::upper_case_acronyms)] #![allow(non_camel_case_types)] use crate::crypto::KeyExchangeAlgorithm; +use crate::enums::ProtocolVersion; use crate::msgs::codec::{Codec, Reader}; enum_builder! { @@ -117,7 +118,6 @@ enum_builder! { NextProtocolNegotiation => 0x3374, ChannelId => 0x754f, RenegotiationInfo => 0xff01, - TransportParametersDraft => 0xffa5, EncryptedClientHello => 0xfe0d, // https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni-18#section-11.1 EncryptedClientHelloOuterExtensions => 0xfd00, // https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni-18#section-5.1 } 
@@ -162,55 +162,14 @@ enum_builder! { } enum_builder! { - /// The `NamedCurve` TLS protocol enum. Values in this enum are taken + /// The `NamedGroup` TLS protocol enum. Values in this enum are taken /// from the various RFCs covering TLS, and are listed by IANA. /// The `Unknown` item is used when processing unrecognised ordinals. /// - /// This enum is used for recognizing elliptic curve parameters advertised - /// by a peer during a TLS handshake. It is **not** a list of curves that + /// This enum is used for recognizing key exchange groups advertised + /// by a peer during a TLS handshake. It is **not** a list of groups that /// Rustls supports. See [`crate::crypto::ring::kx_group`] for the list of supported - /// elliptic curve groups. - #[repr(u16)] - pub(crate) enum NamedCurve { - sect163k1 => 0x0001, - sect163r1 => 0x0002, - sect163r2 => 0x0003, - sect193r1 => 0x0004, - sect193r2 => 0x0005, - sect233k1 => 0x0006, - sect233r1 => 0x0007, - sect239k1 => 0x0008, - sect283k1 => 0x0009, - sect283r1 => 0x000a, - sect409k1 => 0x000b, - sect409r1 => 0x000c, - sect571k1 => 0x000d, - sect571r1 => 0x000e, - secp160k1 => 0x000f, - secp160r1 => 0x0010, - secp160r2 => 0x0011, - secp192k1 => 0x0012, - secp192r1 => 0x0013, - secp224k1 => 0x0014, - secp224r1 => 0x0015, - secp256k1 => 0x0016, - secp256r1 => 0x0017, - secp384r1 => 0x0018, - secp521r1 => 0x0019, - brainpoolp256r1 => 0x001a, - brainpoolp384r1 => 0x001b, - brainpoolp512r1 => 0x001c, - X25519 => 0x001d, - X448 => 0x001e, - arbitrary_explicit_prime_curves => 0xff01, - arbitrary_explicit_char2_curves => 0xff02, - } -} - -enum_builder! { - /// The `NamedGroup` TLS protocol enum. Values in this enum are taken - /// from the various RFCs covering TLS, and are listed by IANA. - /// The `Unknown` item is used when processing unrecognised ordinals. + /// key exchange groups. #[repr(u16)] pub enum NamedGroup { secp256r1 => 0x0017, 
@@ -218,16 +177,31 @@ enum_builder! { secp521r1 => 0x0019, X25519 => 0x001d, X448 => 0x001e, + /// + brainpoolP256r1tls13 => 0x001f, + /// + brainpoolP384r1tls13 => 0x0020, + /// + brainpoolP512r1tls13 => 0x0021, + /// + curveSM2 => 0x0029, FFDHE2048 => 0x0100, FFDHE3072 => 0x0101, FFDHE4096 => 0x0102, FFDHE6144 => 0x0103, FFDHE8192 => 0x0104, + /// MLKEM512 => 0x0200, + /// MLKEM768 => 0x0201, + /// MLKEM1024 => 0x0202, + /// secp256r1MLKEM768 => 0x11eb, + /// X25519MLKEM768 => 0x11ec, + /// + secp384r1MLKEM1024 => 0x11ed, } } @@ -239,6 +213,25 @@ impl NamedGroup { _ => KeyExchangeAlgorithm::ECDHE, } } + + pub fn usable_for_version(&self, version: ProtocolVersion) -> bool { + match version { + ProtocolVersion::TLSv1_3 => true, + _ => !matches!( + self, + Self::MLKEM512 + | Self::MLKEM768 + | Self::MLKEM1024 + | Self::X25519MLKEM768 + | Self::secp256r1MLKEM768 + | Self::secp384r1MLKEM1024 + | Self::brainpoolP256r1tls13 + | Self::brainpoolP384r1tls13 + | Self::brainpoolP512r1tls13 + | Self::curveSM2 + ), + } + } } enum_builder! { @@ -414,10 +407,6 @@ pub(crate) mod tests { ); test_enum16::(ExtensionType::ServerName, ExtensionType::RenegotiationInfo); test_enum8::(ServerNameType::HostName, ServerNameType::HostName); - test_enum16::( - NamedCurve::sect163k1, - NamedCurve::arbitrary_explicit_char2_curves, - ); test_enum16::(NamedGroup::secp256r1, NamedGroup::FFDHE8192); test_enum8::( ECPointFormat::Uncompressed, diff --git a/rustls/src/msgs/ffdhe_groups.rs b/rustls/src/msgs/ffdhe_groups.rs index ac105b59877..e3fc68d0da0 100644 --- a/rustls/src/msgs/ffdhe_groups.rs +++ b/rustls/src/msgs/ffdhe_groups.rs @@ -1,8 +1,6 @@ //! This module contains parameters for FFDHE named groups as defined //! in [RFC 7919 Appendix A](https://datatracker.ietf.org/doc/html/rfc7919#appendix-A). -use crate::NamedGroup; - #[derive(Clone, Copy, Debug, PartialEq, Eq)] /// Parameters of an FFDHE group, with Big-endian byte order pub struct FfdheGroup<'a> { 
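Review bot: The new `pub fn usable_for_version` in the `@@ -239,6 +213,25 @@` hunk has no doc comment, and its non-TLS 1.3 arm is a hand-maintained denylist, so any TLS 1.3-only group added to `NamedGroup` later (the `@@ -218,16 +177,31 @@` hunk just added ten of them) is silently treated as negotiable under TLS 1.2 until someone also extends this `matches!` list. A doc comment such as `/// Whether this group may be negotiated under `version`: every group is allowed for TLS 1.3, while the ML-KEM, hybrid, brainpool-tls13 and curveSM2 groups are TLS 1.3-only and are rejected for earlier versions.` plus a `// NOTE: keep in sync with the TLS 1.3-only variants declared above` on the `matches!` would make the coupling visible. Since `NamedGroup` is `Copy`, taking `self` by value would also read more naturally than `&self`.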
@@ -10,42 +8,7 @@ pub struct FfdheGroup<'a> { pub g: &'a [u8], } -impl FfdheGroup<'static> { - /// Return the `FfdheGroup` corresponding to the provided `NamedGroup` - /// if it is indeed an FFDHE group - #[deprecated( - since = "0.23.13", - note = "This function is linker-unfriendly. Use `SupportedKxGroup::ffdhe_group()` instead" - )] - pub fn from_named_group(named_group: NamedGroup) -> Option { - match named_group { - NamedGroup::FFDHE2048 => Some(FFDHE2048), - NamedGroup::FFDHE3072 => Some(FFDHE3072), - NamedGroup::FFDHE4096 => Some(FFDHE4096), - NamedGroup::FFDHE6144 => Some(FFDHE6144), - NamedGroup::FFDHE8192 => Some(FFDHE8192), - _ => None, - } - } -} - impl<'a> FfdheGroup<'a> { - /// Return the `NamedGroup` for the `FfdheGroup` if it represents one. - #[deprecated( - since = "0.23.13", - note = "This function is linker-unfriendly. Use `SupportedKxGroup::name()` instead" - )] - pub fn named_group(&self) -> Option { - match *self { - FFDHE2048 => Some(NamedGroup::FFDHE2048), - FFDHE3072 => Some(NamedGroup::FFDHE3072), - FFDHE4096 => Some(NamedGroup::FFDHE4096), - FFDHE6144 => Some(NamedGroup::FFDHE6144), - FFDHE8192 => Some(NamedGroup::FFDHE8192), - _ => None, - } - } - /// Construct an `FfdheGroup` from the given `p` and `g`, trimming any potential leading zeros. pub fn from_params_trimming_leading_zeros(p: &'a [u8], g: &'a [u8]) -> Self { fn trim_leading_zeros(buf: &[u8]) -> &[u8] { @@ -308,16 +271,3 @@ pub const FFDHE8192: FfdheGroup<'static> = FfdheGroup { ], g: &[2], }; - -#[test] -fn named_group_ffdhe_group_roundtrip() { - use NamedGroup::*; - let ffdhe_groups = [FFDHE2048, FFDHE3072, FFDHE4096, FFDHE6144, FFDHE8192]; - for g in ffdhe_groups { - #[allow(deprecated)] - let roundtrip = FfdheGroup::from_named_group(g) - .unwrap() - .named_group(); - assert_eq!(roundtrip, Some(g)); - } -} diff --git a/rustls/src/msgs/fragmenter.rs b/rustls/src/msgs/fragmenter.rs index 4863677792c..e097e172f7d 100644 --- a/rustls/src/msgs/fragmenter.rs 
+++ b/rustls/src/msgs/fragmenter.rs @@ -98,7 +98,7 @@ impl<'a> Iterator for Chunker<'a> { impl ExactSizeIterator for Chunker<'_> { fn len(&self) -> usize { - (self.payload.len() + self.limit - 1) / self.limit + self.payload.len().div_ceil(self.limit) } } diff --git a/rustls/src/msgs/handshake.rs b/rustls/src/msgs/handshake.rs index fd28ba1e4a6..cd7ce595df4 100644 --- a/rustls/src/msgs/handshake.rs +++ b/rustls/src/msgs/handshake.rs @@ -1,6 +1,6 @@ use alloc::boxed::Box; use alloc::collections::BTreeSet; -#[cfg(feature = "logging")] +#[cfg(feature = "log")] use alloc::string::String; use alloc::vec; use alloc::vec::Vec; @@ -811,9 +811,6 @@ impl ClientExtensionsInput<'_> { #[derive(Clone)] pub(crate) enum TransportParameters<'a> { - /// QUIC transport parameters (RFC9001 prior to draft 33) - QuicDraft(Payload<'a>), - /// QUIC transport parameters (RFC9001) Quic(Payload<'a>), } @@ -821,7 +818,6 @@ pub(crate) enum TransportParameters<'a> { impl TransportParameters<'_> { pub(crate) fn into_owned(self) -> TransportParameters<'static> { match self { - Self::QuicDraft(v) => TransportParameters::QuicDraft(v.into_owned()), Self::Quic(v) => TransportParameters::Quic(v.into_owned()), } } @@ -916,10 +912,6 @@ extension_struct! { ExtensionType::RenegotiationInfo => pub(crate) renegotiation_info: Option, - /// QUIC transport parameters (RFC9001 prior to draft 33) - ExtensionType::TransportParametersDraft => - pub(crate) transport_parameters_draft: Option>, - /// Encrypted inner client hello (draft-ietf-tls-esni) ExtensionType::EncryptedClientHello => pub(crate) encrypted_client_hello: Option, @@ -959,7 +951,6 @@ impl ClientExtensions<'_> { key_shares, transport_parameters, renegotiation_info, - transport_parameters_draft, encrypted_client_hello, encrypted_client_hello_outer, order_seed, 
@@ -986,7 +977,6 @@ impl ClientExtensions<'_> { key_shares, transport_parameters: transport_parameters.map(|x| x.into_owned()), renegotiation_info, - transport_parameters_draft: transport_parameters_draft.map(|x| x.into_owned()), encrypted_client_hello, encrypted_client_hello_outer, order_seed, @@ -1184,10 +1174,6 @@ extension_struct! { ExtensionType::TransportParameters => pub(crate) transport_parameters: Option>, - /// QUIC transport parameters (RFC9001 prior to draft 33) - ExtensionType::TransportParametersDraft => - pub(crate) transport_parameters_draft: Option>, - /// Early data is accepted (RFC8446) ExtensionType::EarlyData => pub(crate) early_data_ack: Option<()>, @@ -1216,7 +1202,6 @@ impl ServerExtensions<'_> { certificate_status_request_ack, selected_version, transport_parameters, - transport_parameters_draft, early_data_ack, encrypted_client_hello_ack, unknown_extensions, @@ -1235,7 +1220,6 @@ impl ServerExtensions<'_> { certificate_status_request_ack, selected_version, transport_parameters: transport_parameters.map(|x| x.into_owned()), - transport_parameters_draft: transport_parameters_draft.map(|x| x.into_owned()), early_data_ack, encrypted_client_hello_ack, unknown_extensions, diff --git a/rustls/src/msgs/handshake_test.rs b/rustls/src/msgs/handshake_test.rs index 53cf88fa5ac..d3b974b309d 100644 --- a/rustls/src/msgs/handshake_test.rs +++ b/rustls/src/msgs/handshake_test.rs @@ -754,7 +754,7 @@ fn sample_hello_retry_request() -> HelloRetryRequest { HelloRetryRequest { legacy_version: ProtocolVersion::TLSv1_2, session_id: SessionId::empty(), - cipher_suite: CipherSuite::TLS_NULL_WITH_NULL_NULL, + cipher_suite: CipherSuite::TLS_PSK_DHE_WITH_AES_128_CCM_8, extensions: HelloRetryRequestExtensions { key_share: Some(NamedGroup::X25519), cookie: Some(PayloadU16::new(vec![0])), 
@@ -770,7 +770,7 @@ fn sample_client_hello_payload() -> ClientHelloPayload { client_version: ProtocolVersion::TLSv1_2, random: Random::from([0; 32]), session_id: SessionId::empty(), - cipher_suites: vec![CipherSuite::TLS_NULL_WITH_NULL_NULL], + cipher_suites: vec![CipherSuite::TLS_PSK_WITH_AES_128_CCM], compression_methods: vec![Compression::Null], extensions: Box::new(ClientExtensions { server_name: Some(ServerNamePayload::from( @@ -820,7 +820,7 @@ fn sample_server_hello_payload() -> ServerHelloPayload { legacy_version: ProtocolVersion::TLSv1_2, random: Random::from([0; 32]), session_id: SessionId::empty(), - cipher_suite: CipherSuite::TLS_NULL_WITH_NULL_NULL, + cipher_suite: CipherSuite::TLS_PSK_WITH_AES_128_CCM, compression_method: Compression::Null, extensions: Box::new(ServerExtensions { ec_point_formats: Some(SupportedEcPointFormats::default()), @@ -838,7 +838,6 @@ fn sample_server_hello_payload() -> ServerHelloPayload { certificate_status_request_ack: Some(()), selected_version: Some(ProtocolVersion::TLSv1_2), transport_parameters: Some(Payload::new(vec![1, 2, 3])), - transport_parameters_draft: None, client_certificate_type: Some(CertificateType::RawPublicKey), server_certificate_type: Some(CertificateType::RawPublicKey), unknown_extensions: Default::default(), diff --git a/rustls/src/msgs/macros.rs b/rustls/src/msgs/macros.rs index 480950a6d67..3697fbd67ac 100644 --- a/rustls/src/msgs/macros.rs +++ b/rustls/src/msgs/macros.rs @@ -5,9 +5,18 @@ macro_rules! enum_builder { #[repr($uint:ty)] $enum_vis:vis enum $enum_name:ident { - $( $enum_var:ident => $enum_val:literal),* $(,)? - $( !Debug: - $( $enum_var_nd:ident => $enum_val_nd:literal),* $(,)? + $( + $(#[doc = $enum_comment:literal])* + $enum_var:ident => $enum_val:literal + ),* + $(,)? + $( + !Debug: + $( + $(#[doc = $enum_comment_nd:literal])* + $enum_var_nd:ident => $enum_val_nd:literal + ),* + $(,)? )? } ) => { 
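Review bot: The new matcher `$(#[doc = $enum_comment:literal])*` in the `@@ -5,9 +5,18 @@` hunk of macros.rs accepts only doc attributes on a variant, so a `#[deprecated]` or `#[cfg(...)]` placed on an `enum_builder!` variant will fail to parse with an opaque macro error instead of being forwarded. Capturing `$(#[$enum_attr:meta])*` here and emitting `$(#[$enum_attr])*` in the `@@ -15,8 +24,17 @@` hunk would forward any attribute, doc comments included, at no extra cost. If only doc comments are intended, a comment above the macro saying so (`// Variant attributes other than doc comments are intentionally unsupported`) would spare the next maintainer the surprise.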
@@ -15,8 +24,17 @@ macro_rules! enum_builder { #[non_exhaustive] #[derive(PartialEq, Eq, Clone, Copy)] $enum_vis enum $enum_name { - $( $enum_var),* - $(, $($enum_var_nd),* )? + $( + $(#[doc = $enum_comment])* + $enum_var + ),* + $( + , + $( + $(#[doc = $enum_comment_nd])* + $enum_var_nd + ),* + )? ,Unknown($uint) } diff --git a/rustls/src/quic.rs b/rustls/src/quic.rs index f00f3bba77f..b43bbd58ad5 100644 --- a/rustls/src/quic.rs +++ b/rustls/src/quic.rs @@ -21,7 +21,7 @@ mod connection { use core::fmt::{self, Debug}; use core::ops::{Deref, DerefMut}; - use pki_types::ServerName; + use pki_types::{DnsName, ServerName}; use super::{DirectionalKeys, KeyChange, Version}; use crate::client::{ClientConfig, ClientConnectionData}; @@ -197,7 +197,6 @@ mod connection { let exts = ClientExtensionsInput { transport_parameters: Some(match quic_version { - Version::V1Draft => TransportParameters::QuicDraft(Payload::new(params)), Version::V1 | Version::V2 => TransportParameters::Quic(Payload::new(params)), }), @@ -288,7 +287,6 @@ mod connection { let exts = ServerExtensionsInput { transport_parameters: Some(match quic_version { - Version::V1Draft => TransportParameters::QuicDraft(Payload::new(params)), Version::V1 | Version::V2 => TransportParameters::Quic(Payload::new(params)), }), }; @@ -323,8 +321,8 @@ mod connection { /// when the client provides the SNI extension. /// /// The server name is also used to match sessions during session resumption. - pub fn server_name(&self) -> Option<&str> { - self.inner.core.get_sni_str() + pub fn server_name(&self) -> Option<&DnsName<'_>> { + self.inner.core.data.sni.as_ref() } } @@ -939,8 +937,6 @@ pub enum KeyChange { #[non_exhaustive] #[derive(Clone, Copy, Debug)] pub enum Version { - /// Draft versions 29, 30, 31 and 32 - V1Draft, /// First stable RFC V1, /// Anti-ossification variant of V1 
@@ -950,11 +946,6 @@ pub enum Version { impl Version { fn initial_salt(self) -> &'static [u8; 20] { match self { - Self::V1Draft => &[ - // https://datatracker.ietf.org/doc/html/draft-ietf-quic-tls-32#section-5.2 - 0xaf, 0xbf, 0xec, 0x28, 0x99, 0x93, 0xd2, 0x4c, 0x9e, 0x97, 0x86, 0xf1, 0x9c, 0x61, - 0x11, 0xe0, 0x43, 0x90, 0xa8, 0x99, - ], Self::V1 => &[ // https://www.rfc-editor.org/rfc/rfc9001.html#name-initial-secrets 0x38, 0x76, 0x2c, 0xf7, 0xf5, 0x59, 0x34, 0xb3, 0x4d, 0x17, 0x9a, 0xe6, 0xa4, 0xc8, @@ -971,7 +962,7 @@ impl Version { /// Key derivation label for packet keys. pub(crate) fn packet_key_label(&self) -> &'static [u8] { match self { - Self::V1Draft | Self::V1 => b"quic key", + Self::V1 => b"quic key", Self::V2 => b"quicv2 key", } } @@ -979,7 +970,7 @@ impl Version { /// Key derivation label for packet "IV"s. pub(crate) fn packet_iv_label(&self) -> &'static [u8] { match self { - Self::V1Draft | Self::V1 => b"quic iv", + Self::V1 => b"quic iv", Self::V2 => b"quicv2 iv", } } @@ -987,14 +978,14 @@ impl Version { /// Key derivation for header keys. pub(crate) fn header_key_label(&self) -> &'static [u8] { match self { - Self::V1Draft | Self::V1 => b"quic hp", + Self::V1 => b"quic hp", Self::V2 => b"quicv2 hp", } } fn key_update_label(&self) -> &'static [u8] { match self { - Self::V1Draft | Self::V1 => b"quic ku", + Self::V1 => b"quic ku", Self::V2 => b"quicv2 ku", } } diff --git a/rustls/src/server/handy.rs b/rustls/src/server/handy.rs index ea3ec5d9db0..c51fc45cd09 100644 --- a/rustls/src/server/handy.rs +++ b/rustls/src/server/handy.rs @@ -181,7 +181,7 @@ impl AlwaysResolvesServerRawPublicKeys { } impl server::ResolvesServerCert for AlwaysResolvesServerRawPublicKeys { - fn resolve(&self, _client_hello: ClientHello<'_>) -> Option> { + fn resolve(&self, _client_hello: &ClientHello<'_>) -> Option> { Some(self.0.clone()) } 
@@ -192,7 +192,6 @@ impl server::ResolvesServerCert for AlwaysResolvesServerRawPublicKeys { #[cfg(any(feature = "std", feature = "hashbrown"))] mod sni_resolver { - use alloc::string::{String, ToString}; use core::fmt::Debug; use pki_types::{DnsName, ServerName}; @@ -208,7 +207,7 @@ mod sni_resolver { /// on client-supplied server name (via SNI). #[derive(Debug)] pub struct ResolvesServerCertUsingSni { - by_name: HashMap>, + by_name: HashMap, Arc>, } impl ResolvesServerCertUsingSni { @@ -221,17 +220,9 @@ mod sni_resolver { /// Add a new `sign::CertifiedKey` to be used for the given SNI `name`. /// - /// This function fails if `name` is not a valid DNS name, or if - /// it's not valid for the supplied certificate, or if the certificate - /// chain is syntactically faulty. - pub fn add(&mut self, name: &str, ck: sign::CertifiedKey) -> Result<(), Error> { - let server_name = { - let checked_name = DnsName::try_from(name) - .map_err(|_| Error::General("Bad DNS name".into())) - .map(|name| name.to_lowercase_owned())?; - ServerName::DnsName(checked_name) - }; - + /// This function fails if the `name` is not valid for the supplied certificate, or if + /// the certificate chain is syntactically faulty. + pub fn add(&mut self, name: DnsName<'static>, ck: sign::CertifiedKey) -> Result<(), Error> { // Check the certificate chain for validity: // - it should be non-empty list // - the first certificate should be parsable as a x509v3, 
@@ -241,20 +232,22 @@ mod sni_resolver { // These checks are not security-sensitive. They are the // *server* attempting to detect accidental misconfiguration. + let wrapped = ServerName::DnsName(name); ck.end_entity_cert() .and_then(ParsedCertificate::try_from) - .and_then(|cert| verify_server_name(&cert, &server_name))?; + .and_then(|cert| verify_server_name(&cert, &wrapped))?; - if let ServerName::DnsName(name) = server_name { - self.by_name - .insert(name.as_ref().to_string(), Arc::new(ck)); - } + let ServerName::DnsName(name) = wrapped else { + unreachable!() + }; + + self.by_name.insert(name, Arc::new(ck)); Ok(()) } } impl server::ResolvesServerCert for ResolvesServerCertUsingSni { - fn resolve(&self, client_hello: ClientHello<'_>) -> Option> { + fn resolve(&self, client_hello: &ClientHello<'_>) -> Option> { if let Some(name) = client_hello.server_name() { self.by_name.get(name).cloned() } else { @@ -274,7 +267,7 @@ mod sni_resolver { let rscsni = ResolvesServerCertUsingSni::new(); assert!( rscsni - .resolve(ClientHello { + .resolve(&ClientHello { server_name: &None, signature_schemes: &[], alpn: None, @@ -296,7 +289,7 @@ mod sni_resolver { .to_owned(); assert!( rscsni - .resolve(ClientHello { + .resolve(&ClientHello { server_name: &Some(name), signature_schemes: &[], alpn: None, diff --git a/rustls/src/server/hs.rs b/rustls/src/server/hs.rs index d98336e461b..ac173aa8167 100644 --- a/rustls/src/server/hs.rs +++ b/rustls/src/server/hs.rs @@ -72,12 +72,8 @@ impl ExtensionProcessing { } = extra_exts; let mut extensions = Box::new(ServerExtensions::default()); - match transport_parameters { - Some(TransportParameters::Quic(v)) => extensions.transport_parameters = Some(v), - Some(TransportParameters::QuicDraft(v)) => { - extensions.transport_parameters_draft = Some(v) - } - None => {} + if let Some(TransportParameters::Quic(v)) = transport_parameters { + extensions.transport_parameters = Some(v); } Self { 
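Review bot: `add` in the `@@ -221,17 +220,9 @@` hunk of handy.rs now stores the caller's `DnsName<'static>` verbatim, dropping the `to_lowercase_owned()` normalisation the removed code applied before inserting into `by_name`. DNS names are case-insensitive, but a `HashMap` lookup on `DnsName` keys presumably is not, so a name registered as `Example.com` would no longer resolve for a client sending `example.com` (and the handshake aborts, since `resolve` returning `None` is documented as an abort), unless the SNI is lowercased at parse time, which is not visible in this diff. Either normalise at insertion, `self.by_name.insert(name.to_lowercase_owned(), Arc::new(ck));`, or state in the `add` doc comment that `name` must already be lowercase. The `let ServerName::DnsName(name) = wrapped else { unreachable!() };` round-trip could be avoided by verifying against a borrowed wrapper if `DnsName` offers one.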
@@ -136,13 +132,7 @@ impl ExtensionProcessing {
 ));
 }
- let transport_params = hello
- .transport_parameters
- .as_ref()
- .or(hello
- .transport_parameters_draft
- .as_ref());
- match transport_params {
+ match hello.transport_parameters.as_ref() {
 Some(params) => cx.common.quic.params = Some(params.to_owned().into_vec()),
 None => {
 return Err(cx
@@ -443,7 +433,7 @@ impl ExpectClientHello {
 let certkey = self
 .config
 .cert_resolver
- .resolve(client_hello);
+ .resolve(&client_hello);
 certkey.ok_or_else(|| {
 cx.common.send_fatal_alert(
@@ -552,7 +542,9 @@ impl ExpectClientHello {
 .kx_groups
 .iter()
 .find(|skxg| {
- skxg.usable_for_version(selected_version) && skxg.name() == *offered_group
+ let named_group = skxg.name();
+ named_group == *offered_group
+ && named_group.usable_for_version(selected_version)
 });
 match offered_group.key_exchange_algorithm() {
diff --git a/rustls/src/server/server_conn.rs b/rustls/src/server/server_conn.rs
index d1024b14319..6a7ca8b5e21 100644
--- a/rustls/src/server/server_conn.rs
+++ b/rustls/src/server/server_conn.rs
@@ -126,7 +126,7 @@ pub trait ResolvesServerCert: Debug + Send + Sync {
 /// ClientHello information.
 ///
 /// Return `None` to abort the handshake.
- fn resolve(&self, client_hello: ClientHello<'_>) -> Option>;
+ fn resolve(&self, client_hello: &ClientHello<'_>) -> Option>;
 /// Return true when the server only supports raw public keys.
 fn only_raw_public_keys(&self) -> bool {
@@ -154,10 +154,8 @@ impl<'a> ClientHello<'a> {
 /// Get the server name indicator.
 ///
 /// Returns `None` if the client did not supply a SNI.
- pub fn server_name(&self) -> Option<&str> {
- self.server_name
- .as_ref()
- .map( as AsRef>::as_ref)
+ pub fn server_name(&self) -> Option<&DnsName<'_>> {
+ self.server_name.as_ref()
 }
 /// Get the compatible signature schemes.
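Review bot: In the `kx_groups` search, `usable_for_version` is now consulted on the `NamedGroup` returned by `name()` rather than on the `SupportedKxGroup` itself, so a custom provider's group implementation can no longer influence version gating through its own `usable_for_version`; that is presumably deliberate if the trait method was removed elsewhere in this change, but the closure deserves a one-line comment such as `// version gating is a property of the group id, not of the provider's implementation` so the next reader does not try to reintroduce the override. The `find` and the following `match` on `key_exchange_algorithm()` sit in an `ExpectClientHello` method whose start and end are outside the hunk.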
@@ -589,6 +587,8 @@ mod connection {
 use core::ops::{Deref, DerefMut};
 use std::io;
+ use pki_types::DnsName;
+
 use super::{
 Accepted, Accepting, EarlyDataState, ServerConfig, ServerConnectionData, ServerExtensionsInput,
@@ -662,8 +662,8 @@ mod connection {
 /// when the client provides the SNI extension.
 ///
 /// The server name is also used to match sessions during session resumption.
- pub fn server_name(&self) -> Option<&str> {
- self.inner.core.get_sni_str()
+ pub fn server_name(&self) -> Option<&DnsName<'_>> {
+ self.inner.core.data.sni.as_ref()
 }
 /// Application-controlled portion of the resumption ticket supplied by the client, if any.
@@ -779,7 +779,7 @@ mod connection {
 /// # Example
 ///
 /// ```no_run
- /// # #[cfg(feature = "aws_lc_rs")] {
+ /// # #[cfg(feature = "aws-lc-rs")] {
 /// # fn choose_server_config(
 /// # _: rustls::server::ClientHello,
 /// # ) -> std::sync::Arc {
@@ -840,8 +840,7 @@ mod connection {
 pub fn read_tls(&mut self, rd: &mut dyn io::Read) -> Result {
 match &mut self.inner {
 Some(conn) => conn.read_tls(rd),
- None => Err(io::Error::new(
- io::ErrorKind::Other,
+ None => Err(io::Error::other(
 "acceptor cannot read after successful acceptance",
 )),
 }
@@ -1232,29 +1231,17 @@ impl ConnectionCore {
 );
 self.data.early_data.reject();
 }
-
- #[cfg(feature = "std")]
- pub(crate) fn get_sni_str(&self) -> Option<&str> {
- self.data.get_sni_str()
- }
 }
 /// State associated with a server connection.
 #[derive(Default, Debug)]
 pub struct ServerConnectionData {
- pub(super) sni: Option>,
+ pub(crate) sni: Option>,
 pub(super) received_resumption_data: Option>,
 pub(super) resumption_data: Vec,
 pub(super) early_data: EarlyDataState,
 }
-impl ServerConnectionData {
- #[cfg(feature = "std")]
- pub(super) fn get_sni_str(&self) -> Option<&str> {
- self.sni.as_ref().map(AsRef::as_ref)
- }
-}
-
 impl crate::conn::SideData for ServerConnectionData {}
 #[cfg(feature = "std")]
diff --git a/rustls/src/server/test.rs b/rustls/src/server/test.rs
index 9254dbc64be..f7665d94bd8 100644
--- a/rustls/src/server/test.rs
+++ b/rustls/src/server/test.rs
@@ -70,6 +70,7 @@ mod tests {
 ActiveKeyExchange, CryptoProvider, KeyExchangeAlgorithm, SupportedKxGroup,
 };
 use crate::enums::CertificateType;
+ use crate::ffdhe_groups::FfdheGroup;
 use crate::pki_types::pem::PemObject;
 use crate::pki_types::{CertificateDer, PrivateKeyDer};
 use crate::server::{AlwaysResolvesServerRawPublicKeys, ServerConfig, ServerConnection};
@@ -294,6 +295,10 @@ mod tests {
 struct FakeFfdheGroup;
 impl SupportedKxGroup for FakeFfdheGroup {
+ fn ffdhe_group(&self) -> Option> {
+ Some(crate::ffdhe_groups::FFDHE2048)
+ }
+
 fn name(&self) -> NamedGroup {
 NamedGroup::FFDHE2048
 }
@@ -319,6 +324,10 @@ mod tests {
 b"ActiveFakeFfdhe pub key"
 }
+ fn ffdhe_group(&self) -> Option> {
+ Some(crate::ffdhe_groups::FFDHE2048)
+ }
+
 fn group(&self) -> NamedGroup {
 NamedGroup::FFDHE2048
 }
diff --git a/rustls/src/server/tls12.rs b/rustls/src/server/tls12.rs
index d3dfa5c83dd..95bfcb90f8b 100644
--- a/rustls/src/server/tls12.rs
+++ b/rustls/src/server/tls12.rs
@@ -886,7 +886,7 @@ impl State for ExpectFinished {
 .config
 .session_storage
 .put(self.session_id.as_ref().to_vec(), value.get_encoding());
- #[cfg_attr(not(feature = "logging"), allow(clippy::if_same_then_else))]
+ #[cfg_attr(not(feature = "log"), allow(clippy::if_same_then_else))]
 if worked {
 debug!("Session saved");
 } else {
diff --git a/rustls/src/server/tls13.rs b/rustls/src/server/tls13.rs
index bc5d53870a7..d39acfc10d4 100644
--- a/rustls/src/server/tls13.rs
+++ b/rustls/src/server/tls13.rs
@@ -715,8 +715,12 @@ mod client_hello {
 .collect(),
 ),
 },
- authority_names: match config.verifier.root_hint_subjects() {
- &[] => None,
+ authority_names: match config
+ .verifier
+ .root_hint_subjects()
+ .as_ref()
+ {
+ [] => None,
 authorities => Some(authorities.to_vec()),
 },
 },
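Review bot: In the `authority_names` arm of the tls13.rs hunk, `root_hint_subjects()` now hands back an `Arc<[DistinguishedName]>` that is immediately copied by `authorities.to_vec()`, so the shared allocation buys nothing on this path and the temporary `Arc` lives only for the `match`. If the payload field cannot hold the `Arc` itself, the four-line scrutinee reads more plainly as `let subjects = config.verifier.root_hint_subjects();` followed by `authority_names: (!subjects.is_empty()).then(|| subjects.to_vec()),`. The enclosing function starts and ends outside the hunk.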
diff --git a/rustls/src/test_macros.rs b/rustls/src/test_macros.rs index 237578e008c..5171c3a7cb5 100644 --- a/rustls/src/test_macros.rs +++ b/rustls/src/test_macros.rs @@ -16,7 +16,7 @@ macro_rules! test_for_each_provider { $($tt)+ } - #[cfg(feature = "aws_lc_rs")] + #[cfg(feature = "aws-lc-rs")] mod test_with_aws_lc_rs { use crate::crypto::aws_lc_rs as provider; #[allow(unused_imports)] @@ -42,7 +42,7 @@ macro_rules! bench_for_each_provider { $($tt)+ } - #[cfg(feature = "aws_lc_rs")] + #[cfg(feature = "aws-lc-rs")] mod bench_with_aws_lc_rs { use crate::crypto::aws_lc_rs as provider; #[allow(unused_imports)] diff --git a/rustls/src/ticketer.rs b/rustls/src/ticketer.rs index d1b5e143574..13f686b0a8a 100644 --- a/rustls/src/ticketer.rs +++ b/rustls/src/ticketer.rs 
@@ -6,230 +6,11 @@ use std::sync::{RwLock, RwLockReadGuard}; use pki_types::UnixTime; -use crate::lock::{Mutex, MutexGuard}; use crate::server::ProducesTickets; #[cfg(not(feature = "std"))] use crate::time_provider::TimeProvider; use crate::{Error, rand}; -#[derive(Debug)] -pub(crate) struct TicketSwitcherState { - next: Option>, - current: Box, - previous: Option>, - next_switch_time: u64, -} - -/// A ticketer that has a 'current' sub-ticketer and a single -/// 'previous' ticketer. It creates a new ticketer every so -/// often, demoting the current ticketer. -#[cfg_attr(feature = "std", derive(Debug))] -pub struct TicketSwitcher { - pub(crate) generator: fn() -> Result, rand::GetRandomFailed>, - lifetime: u32, - state: Mutex, - #[cfg(not(feature = "std"))] - time_provider: &'static dyn TimeProvider, -} - -impl TicketSwitcher { - /// Creates a new `TicketSwitcher`, which rotates through sub-ticketers - /// based on the passage of time. - /// - /// `lifetime` is in seconds, and is how long the current ticketer - /// is used to generate new tickets. Tickets are accepted for no - /// longer than twice this duration. `generator` produces a new - /// `ProducesTickets` implementation. - #[cfg(feature = "std")] - #[deprecated(note = "use TicketRotator instead")] - pub fn new( - lifetime: u32, - generator: fn() -> Result, rand::GetRandomFailed>, - ) -> Result { - Ok(Self { - generator, - lifetime, - state: Mutex::new(TicketSwitcherState { - next: Some(generator()?), - current: generator()?, - previous: None, - next_switch_time: UnixTime::now() - .as_secs() - .saturating_add(u64::from(lifetime)), - }), - }) - } - - /// Creates a new `TicketSwitcher`, which rotates through sub-ticketers - /// based on the passage of time. - /// - /// `lifetime` is in seconds, and is how long the current ticketer - /// is used to generate new tickets. Tickets are accepted for no - /// longer than twice this duration. `generator` produces a new - /// `ProducesTickets` implementation. 
- #[cfg(not(feature = "std"))] - pub fn new( - lifetime: u32, - generator: fn() -> Result, rand::GetRandomFailed>, - time_provider: &'static dyn TimeProvider, - ) -> Result { - Ok(Self { - generator, - lifetime, - state: Mutex::new::(TicketSwitcherState { - next: Some(generator()?), - current: generator()?, - previous: None, - next_switch_time: time_provider - .current_time() - .unwrap() - .as_secs() - .saturating_add(u64::from(lifetime)), - }), - time_provider, - }) - } - - /// If it's time, demote the `current` ticketer to `previous` (so it - /// does no new encryptions but can do decryption) and use next for a - /// new `current` ticketer. - /// - /// Calling this regularly will ensure timely key erasure. Otherwise, - /// key erasure will be delayed until the next encrypt/decrypt call. - /// - /// For efficiency, this is also responsible for locking the state mutex - /// and returning the mutexguard. - pub(crate) fn maybe_roll(&self, now: UnixTime) -> Option> { - // The code below aims to make switching as efficient as possible - // in the common case that the generator never fails. To achieve this - // we run the following steps: - // 1. If no switch is necessary, just return the mutexguard - // 2. Shift over all of the ticketers (so current becomes previous, - // and next becomes current). After this, other threads can - // start using the new current ticketer. - // 3. unlock mutex and generate new ticketer. - // 4. Place new ticketer in next and return current - // - // There are a few things to note here. First, we don't check whether - // a new switch might be needed in step 4, even though, due to locking - // and entropy collection, significant amounts of time may have passed. - // This is to guarantee that the thread doing the switch will eventually - // make progress. - // - // Second, because next may be None, step 2 can fail. 
In that case - // we enter a recovery mode where we generate 2 new ticketers, one for - // next and one for the current ticketer. We then take the mutex a - // second time and redo the time check to see if a switch is still - // necessary. - // - // This somewhat convoluted approach ensures good availability of the - // mutex, by ensuring that the state is usable and the mutex not held - // during generation. It also ensures that, so long as the inner - // ticketer never generates panics during encryption/decryption, - // we are guaranteed to never panic when holding the mutex. - - let now = now.as_secs(); - let mut are_recovering = false; // Are we recovering from previous failure? - { - // Scope the mutex so we only take it for as long as needed - let mut state = self.state.lock()?; - - // Fast path in case we do not need to switch to the next ticketer yet - if now <= state.next_switch_time { - return Some(state); - } - - // Make the switch, or mark for recovery if not possible - match state.next.take() { - Some(next) => { - state.previous = Some(mem::replace(&mut state.current, next)); - state.next_switch_time = now.saturating_add(u64::from(self.lifetime)); - } - _ => are_recovering = true, - } - } - - // We always need a next, so generate it now - let next = (self.generator)().ok()?; - if !are_recovering { - // Normal path, generate new next and place it in the state - let mut state = self.state.lock()?; - state.next = Some(next); - Some(state) - } else { - // Recovering, generate also a new current ticketer, and modify state - // as needed. 
(we need to redo the time check, otherwise this might - // result in very rapid switching of ticketers) - let new_current = (self.generator)().ok()?; - let mut state = self.state.lock()?; - state.next = Some(next); - if now > state.next_switch_time { - state.previous = Some(mem::replace(&mut state.current, new_current)); - state.next_switch_time = now.saturating_add(u64::from(self.lifetime)); - } - Some(state) - } - } -} - -impl ProducesTickets for TicketSwitcher { - fn lifetime(&self) -> u32 { - self.lifetime * 2 - } - - fn enabled(&self) -> bool { - true - } - - fn encrypt(&self, message: &[u8]) -> Option> { - #[cfg(feature = "std")] - let now = UnixTime::now(); - #[cfg(not(feature = "std"))] - let now = self - .time_provider - .current_time() - .unwrap(); - - self.maybe_roll(now)? - .current - .encrypt(message) - } - - fn decrypt(&self, ciphertext: &[u8]) -> Option> { - #[cfg(feature = "std")] - let now = UnixTime::now(); - #[cfg(not(feature = "std"))] - let now = self - .time_provider - .current_time() - .unwrap(); - - let state = self.maybe_roll(now)?; - - // Decrypt with the current key; if that fails, try with the previous. - state - .current - .decrypt(ciphertext) - .or_else(|| { - state - .previous - .as_ref() - .and_then(|previous| previous.decrypt(ciphertext)) - }) - } -} - -#[cfg(not(feature = "std"))] -impl core::fmt::Debug for TicketSwitcher { - fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result { - f.debug_struct("TicketSwitcher") - .field("generator", &self.generator) - .field("lifetime", &self.lifetime) - .field("state", &**self.state.lock().unwrap()) - .finish() - } -} - #[cfg(feature = "std")] #[derive(Debug)] pub(crate) struct TicketRotatorState { diff --git a/rustls/src/vecbuf.rs b/rustls/src/vecbuf.rs index 8a4a1f3e4b8..17d7c05a884 100644 --- a/rustls/src/vecbuf.rs +++ b/rustls/src/vecbuf.rs 
@@ -210,10 +210,9 @@ impl ChunkVecBuffer {
 // case the caller ignores the error.
 // See for background.
 self.consume(available_bytes);
- return Err(io::Error::new(
- io::ErrorKind::Other,
- std::format!("illegal write_vectored return value ({used} > {available_bytes})"),
- ));
+ return Err(io::Error::other(std::format!(
+ "illegal write_vectored return value ({used} > {available_bytes})"
+ )));
 }
 self.consume(used);
 Ok(used)
diff --git a/rustls/src/verify.rs b/rustls/src/verify.rs
index ce07e3a0eb0..9bf4aa414bc 100644
--- a/rustls/src/verify.rs
+++ b/rustls/src/verify.rs
@@ -8,6 +8,7 @@ use crate::error::{Error, InvalidMessage};
 use crate::msgs::base::PayloadU16;
 use crate::msgs::codec::{Codec, Reader};
 use crate::msgs::handshake::DistinguishedName;
+use crate::sync::Arc;
 // Marker types. These are used to bind the fact some verification
 // (certificate chain or handshake signature) has taken place into
@@ -74,6 +75,9 @@ pub trait ServerCertVerifier: Debug + Send + Sync {
 /// were sent as part of the server's [Certificate] message. It is in the
 /// same order that the server sent them and may be empty.
 ///
+ /// `ocsp_response` is empty if no OCSP response was received, and that also
+ /// covers the case where `request_ocsp_response()` returns false.
+ ///
 /// Note that none of the certificates have been parsed yet, so it is the responsibility of
 /// the implementer to handle invalid data. It is recommended that the implementer returns
 /// [`Error::InvalidCertificate(CertificateError::BadEncoding)`] when these cases are encountered.
@@ -137,6 +141,12 @@ pub trait ServerCertVerifier: Debug + Send + Sync {
 /// This should be in priority order, with the most preferred first.
 fn supported_verify_schemes(&self) -> Vec;
+ /// Return true if this verifier will process stapled OCSP responses.
+ ///
+ /// This controls whether a client will ask the server for a stapled OCSP response.
+ /// There is no guarantee the server will provide one.
+ fn request_ocsp_response(&self) -> bool;
+
 /// Returns whether this verifier requires raw public keys as defined
 /// in [RFC 7250](https://tools.ietf.org/html/rfc7250).
 fn requires_raw_public_keys(&self) -> bool {
@@ -149,7 +159,7 @@ pub trait ServerCertVerifier: Debug + Send + Sync {
 /// Note that this is only applicable to TLS 1.3.
 ///
 /// [`certificate_authorities`]: https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.4
- fn root_hint_subjects(&self) -> Option<&[DistinguishedName]> {
+ fn root_hint_subjects(&self) -> Option> {
 None
 }
 }
@@ -199,7 +209,7 @@ pub trait ClientCertVerifier: Debug + Send + Sync {
 /// [RFC 5280 A.1]: https://www.rfc-editor.org/rfc/rfc5280#appendix-A.1
 /// [`CertificateRequest`]: https://datatracker.ietf.org/doc/html/rfc8446#section-4.3.2
 /// [`certificate_authorities`]: https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.4
- fn root_hint_subjects(&self) -> &[DistinguishedName];
+ fn root_hint_subjects(&self) -> Arc<[DistinguishedName]>;
 /// Verify the end-entity certificate `end_entity` is valid, acceptable,
 /// and chains to at least one of the trust anchors trusted by
@@ -287,7 +297,7 @@ impl ClientCertVerifier for NoClientAuth {
 false
 }
- fn root_hint_subjects(&self) -> &[DistinguishedName] {
+ fn root_hint_subjects(&self) -> Arc<[DistinguishedName]> {
 unimplemented!();
 }
diff --git a/rustls/src/webpki/anchors.rs b/rustls/src/webpki/anchors.rs
index b526ed252ab..494bfd4b145 100644
--- a/rustls/src/webpki/anchors.rs
+++ b/rustls/src/webpki/anchors.rs
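Review bot: `request_ocsp_response` is added to `ServerCertVerifier` with no default body, so every third-party implementation of the trait stops compiling until it answers the question; if forcing that choice is intended, the doc comment should also say what the client does with the answer beyond sending the request, in particular whether a staple the server sends anyway is discarded before `verify_server_cert` runs, which the new paragraph in the previous hunk (`ocsp_response` is empty when `request_ocsp_response()` returns false) promises but this trait text does not spell out. A sentence such as `/// When this returns false, any response the server staples regardless is discarded and verify_server_cert receives an empty ocsp_response.` would close that gap, assuming the connection code enforces it; that code is not in this diff. If the connection code does not enforce it, the promise in the previous hunk is the part to fix.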
@@ -37,7 +37,7 @@ impl RootCertStore { let mut invalid_count = 0; for der_cert in der_certs { - #[cfg_attr(not(feature = "logging"), allow(unused_variables))] + #[cfg_attr(not(feature = "log"), allow(unused_variables))] match anchor_from_trusted_cert(&der_cert) { Ok(anchor) => { self.roots.push(anchor.to_owned()); diff --git a/rustls/src/webpki/client_verifier.rs b/rustls/src/webpki/client_verifier.rs index 060f0f77937..788c488bb5a 100644 --- a/rustls/src/webpki/client_verifier.rs +++ b/rustls/src/webpki/client_verifier.rs @@ -176,7 +176,7 @@ impl ClientCertVerifierBuilder { Ok(Arc::new(WebPkiClientVerifier::new( self.roots, - self.root_hint_subjects, + Arc::from(self.root_hint_subjects), parse_crls(self.crls)?, self.revocation_check_depth, self.unknown_revocation_policy, @@ -200,7 +200,7 @@ impl ClientCertVerifierBuilder { /// /// To require all clients present a client certificate issued by a trusted CA: /// ```no_run -/// # #[cfg(any(feature = "ring", feature = "aws_lc_rs"))] { +/// # #[cfg(any(feature = "ring", feature = "aws-lc-rs"))] { /// # use rustls::RootCertStore; /// # use rustls::server::WebPkiClientVerifier; /// # let roots = RootCertStore::empty(); @@ -213,7 +213,7 @@ impl ClientCertVerifierBuilder { /// Or, to allow clients presenting a client certificate authenticated by a trusted CA, or /// anonymous clients that present no client certificate: /// ```no_run -/// # #[cfg(any(feature = "ring", feature = "aws_lc_rs"))] { +/// # #[cfg(any(feature = "ring", feature = "aws-lc-rs"))] { /// # use rustls::RootCertStore; /// # use rustls::server::WebPkiClientVerifier; /// # let roots = RootCertStore::empty(); 
@@ -235,7 +235,7 @@ impl ClientCertVerifierBuilder { /// You can also configure the client verifier to check for certificate revocation with /// client certificate revocation lists (CRLs): /// ```no_run -/// # #[cfg(any(feature = "ring", feature = "aws_lc_rs"))] { +/// # #[cfg(any(feature = "ring", feature = "aws-lc-rs"))] { /// # use rustls::RootCertStore; /// # use rustls::server::{WebPkiClientVerifier}; /// # let roots = RootCertStore::empty(); @@ -251,7 +251,7 @@ impl ClientCertVerifierBuilder { #[derive(Debug)] pub struct WebPkiClientVerifier { roots: Arc, - root_hint_subjects: Vec, + root_hint_subjects: Arc<[DistinguishedName]>, crls: Vec>, revocation_check_depth: RevocationCheckDepth, unknown_revocation_policy: UnknownStatusPolicy, @@ -320,7 +320,7 @@ impl WebPkiClientVerifier { /// * `supported_algs` specifies which signature verification algorithms should be used. pub(crate) fn new( roots: Arc, - root_hint_subjects: Vec, + root_hint_subjects: Arc<[DistinguishedName]>, crls: Vec>, revocation_check_depth: RevocationCheckDepth, unknown_revocation_policy: UnknownStatusPolicy, @@ -353,8 +353,8 @@ impl ClientCertVerifier for WebPkiClientVerifier { } } - fn root_hint_subjects(&self) -> &[DistinguishedName] { - &self.root_hint_subjects + fn root_hint_subjects(&self) -> Arc<[DistinguishedName]> { + self.root_hint_subjects.clone() } fn verify_client_cert( diff --git a/rustls/src/webpki/server_verifier.rs b/rustls/src/webpki/server_verifier.rs index 5aa9235054e..0fcacedc848 100644 --- a/rustls/src/webpki/server_verifier.rs +++ b/rustls/src/webpki/server_verifier.rs 
@@ -4,7 +4,6 @@ use pki_types::{CertificateDer, CertificateRevocationListDer, ServerName, UnixTi
 use webpki::{CertRevocationList, ExpirationPolicy, RevocationCheckDepth, UnknownStatusPolicy};
 use crate::crypto::{CryptoProvider, WebPkiSupportedAlgorithms};
-use crate::log::trace;
 use crate::sync::Arc;
 use crate::verify::{
 DigitallySignedStruct, HandshakeSignatureValid, ServerCertVerified, ServerCertVerifier,
@@ -234,7 +233,7 @@ impl ServerCertVerifier for WebPkiServerVerifier {
 end_entity: &CertificateDer<'_>,
 intermediates: &[CertificateDer<'_>],
 server_name: &ServerName<'_>,
- ocsp_response: &[u8],
+ _ocsp_response: &[u8],
 now: UnixTime,
 ) -> Result {
 let cert = ParsedCertificate::try_from(end_entity)?;
@@ -269,10 +268,6 @@ impl ServerCertVerifier for WebPkiServerVerifier {
 self.supported.all,
 )?;
- if !ocsp_response.is_empty() {
- trace!("Unvalidated OCSP response: {:?}", ocsp_response.to_vec());
- }
-
 verify_server_name(&cert, server_name)?;
 Ok(ServerCertVerified::assertion())
 }
@@ -298,6 +293,10 @@ impl ServerCertVerifier for WebPkiServerVerifier {
 fn supported_verify_schemes(&self) -> Vec {
 self.supported.supported_schemes()
 }
+
+ fn request_ocsp_response(&self) -> bool {
+ false
+ }
 }
 #[cfg(test)]
diff --git a/rustls/tests/api.rs b/rustls/tests/api.rs
index c6def2d2121..edbd91ddf52 100644
--- a/rustls/tests/api.rs
+++ b/rustls/tests/api.rs
@@ -9,7 +9,7 @@ use std::sync::Mutex;
 use std::sync::atomic::{AtomicUsize, Ordering};
 use std::{fmt, mem};
-use pki_types::{CertificateDer, IpAddr, ServerName, UnixTime};
+use pki_types::{CertificateDer, DnsName, IpAddr, ServerName, SubjectPublicKeyInfoDer, UnixTime};
 use rustls::client::{ResolvesClientCert, Resumption, verify_server_cert_signed_by_trust_anchor};
 use rustls::crypto::{ActiveKeyExchange, CryptoProvider, SharedSecret, SupportedKxGroup};
 use rustls::internal::msgs::base::Payload;
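Review bot: With `request_ocsp_response` answering `false` and the parameter renamed to `_ocsp_response`, a client built on `WebPkiServerVerifier` stops sending `status_request` altogether, whereas before it asked for a staple and logged the unvalidated bytes; that is an observable wire-level change for deployments that expect the extension, and the removed `trace!` was the only signal to operators that a staple was being dropped. Neither fact is recorded on the impl: a comment on `verify_server_cert` such as `// OCSP staples are neither requested nor validated by this verifier; revocation checking here is CRL-based only.` and a matching sentence in the type-level docs would make the behaviour discoverable. The `verify_server_cert` body continues outside the hunk.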
@@ -25,7 +25,7 @@ use rustls::{ ServerConnection, SideData, SignatureScheme, Stream, StreamOwned, SupportedCipherSuite, SupportedProtocolVersion, sign, }; -#[cfg(feature = "aws_lc_rs")] +#[cfg(feature = "aws-lc-rs")] use rustls::{ client::{EchConfig, EchGreaseConfig, EchMode}, crypto::aws_lc_rs::hpke::ALL_SUPPORTED_SUITES, @@ -33,7 +33,7 @@ use rustls::{ internal::msgs::handshake::{ EchConfigContents, EchConfigPayload, HpkeKeyConfig, HpkeSymmetricCipherSuite, }, - pki_types::{DnsName, EchConfigListBytes}, + pki_types::EchConfigListBytes, }; use webpki::anchor_from_trusted_cert; @@ -669,7 +669,7 @@ fn client_only_attempts_resumption_with_compatible_security() { make_pair_for_configs(client_config.clone(), server_config.clone()); do_handshake(&mut client, &mut server); assert_eq!(client.handshake_kind(), Some(HandshakeKind::Full)); - #[cfg(feature = "logging")] + #[cfg(feature = "log")] assert!(COUNTS.with(|c| { c.borrow().trace.iter().any(|item| { item == "resumption not allowed between different ResolvesClientCert values" @@ -689,7 +689,7 @@ fn client_only_attempts_resumption_with_compatible_security() { make_pair_for_configs(client_config.clone(), server_config.clone()); do_handshake(&mut client, &mut server); assert_eq!(client.handshake_kind(), Some(HandshakeKind::Full)); - #[cfg(feature = "logging")] + #[cfg(feature = "log")] assert!(COUNTS.with(|c| { c.borrow() .trace @@ -1151,7 +1151,7 @@ fn build_alert(level: AlertLevel, desc: AlertDescription, suffix: &[u8]) -> Vec< #[derive(Default, Debug)] struct ServerCheckCertResolve { - expected_sni: Option, + expected_sni: Option>, expected_sigalgs: Option>, expected_alpn: Option>>, expected_cipher_suites: Option>, @@ -1161,7 +1161,7 @@ struct ServerCheckCertResolve { } impl ResolvesServerCert for ServerCheckCertResolve { - fn resolve(&self, client_hello: ClientHello) -> Option> { + fn resolve(&self, client_hello: &ClientHello) -> Option> { if client_hello .signature_schemes() .is_empty() 
@@ -1174,7 +1174,7 @@ impl ResolvesServerCert for ServerCheckCertResolve { } if let Some(expected_sni) = &self.expected_sni { - let sni: &str = client_hello + let sni = client_hello .server_name() .expect("sni unexpectedly absent"); assert_eq!(expected_sni, sni); @@ -1249,12 +1249,12 @@ fn server_cert_resolve_with_sni() { let mut server_config = make_server_config(*kt, &provider); server_config.cert_resolver = Arc::new(ServerCheckCertResolve { - expected_sni: Some("the-value-from-sni".into()), + expected_sni: Some(DnsName::try_from("the.value.from.sni").unwrap()), ..Default::default() }); let mut client = - ClientConnection::new(Arc::new(client_config), server_name("the-value-from-sni")) + ClientConnection::new(Arc::new(client_config), server_name("the.value.from.sni")) .unwrap(); let mut server = ServerConnection::new(Arc::new(server_config)).unwrap(); @@ -1317,7 +1317,7 @@ fn client_trims_terminating_dot() { let mut server_config = make_server_config(*kt, &provider); server_config.cert_resolver = Arc::new(ServerCheckCertResolve { - expected_sni: Some("some-host.com".into()), + expected_sni: Some(DnsName::try_from("some-host.com").unwrap()), ..Default::default() }); @@ -1409,7 +1409,7 @@ fn server_cert_resolve_reduces_sigalgs_for_ecdsa_ciphersuite() { struct ServerCheckNoSni {} impl ResolvesServerCert for ServerCheckNoSni { - fn resolve(&self, client_hello: ClientHello) -> Option> { + fn resolve(&self, client_hello: &ClientHello) -> Option> { assert!(client_hello.server_name().is_none()); None @@ -3255,7 +3255,10 @@ fn server_exposes_offered_sni() { assert_eq!(None, server.server_name()); do_handshake(&mut client, &mut server); - assert_eq!(Some("second.testserver.com"), server.server_name()); + assert_eq!( + Some(&DnsName::try_from("second.testserver.com").unwrap()), + server.server_name() + ); } } 
@@ -3276,7 +3279,10 @@ fn server_exposes_offered_sni_smashed_to_lowercase() { assert_eq!(None, server.server_name()); do_handshake(&mut client, &mut server); - assert_eq!(Some("second.testserver.com"), server.server_name()); + assert_eq!( + Some(&DnsName::try_from("second.testserver.com").unwrap()), + server.server_name() + ); } } @@ -3305,7 +3311,10 @@ fn server_exposes_offered_sni_even_if_resolver_fails() { "no server certificate chain resolved".to_string() )) ); - assert_eq!(Some("thisdoesnotexist.com"), server.server_name()); + assert_eq!( + Some(&DnsName::try_from("thisdoesnotexist.com").unwrap()), + server.server_name() + ); } } @@ -3318,7 +3327,7 @@ fn sni_resolver_works() { let signing_key: Arc = Arc::new(signing_key); resolver .add( - "localhost", + DnsName::try_from("localhost").unwrap(), sign::CertifiedKey::new(kt.get_chain(), signing_key.clone()), ) .unwrap(); @@ -3361,7 +3370,7 @@ fn sni_resolver_rejects_wrong_names() { assert_eq!( Ok(()), resolver.add( - "localhost", + DnsName::try_from("localhost").unwrap(), sign::CertifiedKey::new(kt.get_chain(), signing_key.clone()) ) ); @@ -3370,14 +3379,7 @@ fn sni_resolver_rejects_wrong_names() { "not-localhost" ))), resolver.add( - "not-localhost", - sign::CertifiedKey::new(kt.get_chain(), signing_key.clone()) - ) - ); - assert_eq!( - Err(Error::General("Bad DNS name".into())), - resolver.add( - "not ascii 🦀", + DnsName::try_from("not-localhost").unwrap(), sign::CertifiedKey::new(kt.get_chain(), signing_key.clone()) ) ); @@ -3410,7 +3412,7 @@ fn sni_resolver_lower_cases_configured_names() { assert_eq!( Ok(()), resolver.add( - "LOCALHOST", + DnsName::try_from("LOCALHOST").unwrap(), sign::CertifiedKey::new(kt.get_chain(), signing_key.clone()) ) ); @@ -3441,7 +3443,7 @@ fn sni_resolver_lower_cases_queried_names() { assert_eq!( Ok(()), resolver.add( - "localhost", + DnsName::try_from("localhost").unwrap(), sign::CertifiedKey::new(kt.get_chain(), signing_key.clone()) ) ); 
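Review bot: `sni_resolver_lower_cases_configured_names` now passes `DnsName::try_from("LOCALHOST")` to `add`, but `add` no longer lowercases anything, so what this test proves depends on whether `DnsName` compares case-insensitively and on the lookup assertion that presumably follows outside the hunk; if a lowercase query is still expected to hit this entry, keep an explicit `localhost` lookup next to the `add` call, otherwise rename the test so it no longer claims the resolver does the lowercasing. Dropping the `"not ascii 🦀"` case from `sni_resolver_rejects_wrong_names` is consistent with validation moving to `DnsName::try_from`, but a `assert!(DnsName::try_from("not ascii 🦀").is_err());` would keep that rejection pinned at its new boundary.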
@@ -3470,7 +3472,7 @@ fn sni_resolver_rejects_bad_certs() { assert_eq!( Err(Error::NoCertificatesPresented), resolver.add( - "localhost", + DnsName::try_from("localhost").unwrap(), sign::CertifiedKey::new(vec![], signing_key.clone()) ) ); @@ -3479,7 +3481,7 @@ fn sni_resolver_rejects_bad_certs() { assert_eq!( Err(Error::InvalidCertificate(CertificateError::BadEncoding)), resolver.add( - "localhost", + DnsName::try_from("localhost").unwrap(), sign::CertifiedKey::new(bad_chain, signing_key.clone()) ) ); @@ -3518,6 +3520,10 @@ impl sign::SigningKey for SigningKeyNoneSpki { unimplemented!("Not meant to be called during tests") } + fn public_key(&self) -> Option> { + None + } + fn algorithm(&self) -> rustls::SignatureAlgorithm { unimplemented!("Not meant to be called during tests") } @@ -5577,7 +5583,10 @@ fn test_client_config_keyshare_mismatch() { fn exercise_all_key_exchange_methods() { for version in rustls::ALL_VERSIONS { for kx_group in provider::ALL_KX_GROUPS { - if !kx_group.usable_for_version(version.version) { + if !kx_group + .name() + .usable_for_version(version.version) + { continue; } @@ -6253,7 +6262,10 @@ fn test_acceptor() { .unwrap(); let accepted = acceptor.accept().unwrap().unwrap(); let ch = accepted.client_hello(); - assert_eq!(ch.server_name(), Some("localhost")); + assert_eq!( + ch.server_name(), + Some(&DnsName::try_from("localhost").unwrap()) + ); assert_eq!( ch.named_groups().unwrap(), provider::default_provider() @@ -6366,7 +6378,10 @@ fn test_acceptor_rejected_handshake() { .unwrap(); let accepted = acceptor.accept().unwrap().unwrap(); let ch = accepted.client_hello(); - assert_eq!(ch.server_name(), Some("localhost")); + assert_eq!( + ch.server_name(), + Some(&DnsName::try_from("localhost").unwrap()) + ); let (err, mut alert) = accepted .into_connection(server_config.into()) 
@@ -6397,7 +6412,7 @@ fn test_no_warning_logging_during_successful_sessions() { } } - if cfg!(feature = "logging") { + if cfg!(feature = "log") { COUNTS.with(|c| { println!("After tests: {:?}", c.borrow()); assert!(c.borrow().warn.is_empty()); @@ -6741,7 +6756,7 @@ fn test_debug_server_name_from_string() { ) } -#[cfg(all(feature = "ring", feature = "aws_lc_rs"))] +#[cfg(all(feature = "ring", feature = "aws-lc-rs"))] #[test] fn test_explicit_provider_selection() { let client_config = finish_client_config( @@ -6986,7 +7001,7 @@ fn test_server_fips_service_indicator_includes_require_ems() { assert!(!server_config.fips()); } -#[cfg(feature = "aws_lc_rs")] +#[cfg(feature = "aws-lc-rs")] #[test] fn test_client_fips_service_indicator_includes_ech_hpke_suite() { if !provider_is_fips() { diff --git a/rustls/tests/common/mod.rs b/rustls/tests/common/mod.rs index 02541e91829..8e927c54247 100644 --- a/rustls/tests/common/mod.rs +++ b/rustls/tests/common/mod.rs @@ -87,7 +87,7 @@ pub fn webpki_server_verifier_builder( fn exactly_one_provider() -> bool { cfg!(any( - all(feature = "ring", not(feature = "aws_lc_rs")), - all(feature = "aws_lc_rs", not(feature = "ring")) + all(feature = "ring", not(feature = "aws-lc-rs")), + all(feature = "aws-lc-rs", not(feature = "ring")) )) } diff --git a/rustls/tests/process_provider.rs b/rustls/tests/process_provider.rs index 007033225fa..fc9de436c40 100644 --- a/rustls/tests/process_provider.rs +++ b/rustls/tests/process_provider.rs @@ -1,4 +1,4 @@ -#![cfg(any(feature = "ring", feature = "aws_lc_rs"))] +#![cfg(any(feature = "ring", feature = "aws-lc-rs"))] //! Note that the default test runner builds each test file into a separate //! executable, and runs tests in an indeterminate order. That restricts us 
@@ -6,11 +6,11 @@ use rustls::ClientConfig; use rustls::crypto::CryptoProvider; -#[cfg(all(feature = "aws_lc_rs", not(feature = "ring")))] +#[cfg(all(feature = "aws-lc-rs", not(feature = "ring")))] use rustls::crypto::aws_lc_rs as provider; -#[cfg(all(feature = "ring", not(feature = "aws_lc_rs")))] +#[cfg(all(feature = "ring", not(feature = "aws-lc-rs")))] use rustls::crypto::ring as provider; -#[cfg(all(feature = "ring", feature = "aws_lc_rs"))] +#[cfg(all(feature = "ring", feature = "aws-lc-rs"))] use rustls::crypto::ring as provider; mod common; @@ -18,11 +18,11 @@ use crate::common::*; #[test] fn test_process_provider() { - if dbg!(cfg!(all(feature = "ring", feature = "aws_lc_rs"))) { + if dbg!(cfg!(all(feature = "ring", feature = "aws-lc-rs"))) { test_explicit_choice_required(); - } else if dbg!(cfg!(all(feature = "ring", not(feature = "aws_lc_rs")))) { + } else if dbg!(cfg!(all(feature = "ring", not(feature = "aws-lc-rs")))) { test_ring_used_as_implicit_provider(); - } else if dbg!(cfg!(all(feature = "aws_lc_rs", not(feature = "ring")))) { + } else if dbg!(cfg!(all(feature = "aws-lc-rs", not(feature = "ring")))) { test_aws_lc_rs_used_as_implicit_provider(); } else { panic!("fix feature combinations"); diff --git a/rustls/tests/runners/api.rs b/rustls/tests/runners/api.rs index 99cb0c29487..b194501f19a 100644 --- a/rustls/tests/runners/api.rs +++ b/rustls/tests/runners/api.rs @@ -17,7 +17,7 @@ mod tests_with_ring { mod tests; } -#[cfg(feature = "aws_lc_rs")] +#[cfg(feature = "aws-lc-rs")] #[path = "."] mod tests_with_aws_lc_rs { use super::*; diff --git a/rustls/tests/runners/api_ffdhe.rs b/rustls/tests/runners/api_ffdhe.rs index 242455e764f..94c949f65db 100644 --- a/rustls/tests/runners/api_ffdhe.rs +++ b/rustls/tests/runners/api_ffdhe.rs @@ -10,7 +10,7 @@ mod tests_with_ring { mod tests; } -#[cfg(feature = "aws_lc_rs")] +#[cfg(feature = "aws-lc-rs")] #[path = "."] mod tests_with_aws_lc_rs { provider_aws_lc_rs!(); 
diff --git a/rustls/tests/runners/client_cert_verifier.rs b/rustls/tests/runners/client_cert_verifier.rs index 4626270d2c4..d6494f05a0d 100644 --- a/rustls/tests/runners/client_cert_verifier.rs +++ b/rustls/tests/runners/client_cert_verifier.rs @@ -10,7 +10,7 @@ mod tests_with_ring { mod tests; } -#[cfg(feature = "aws_lc_rs")] +#[cfg(feature = "aws-lc-rs")] #[path = "."] mod tests_with_aws_lc_rs { provider_aws_lc_rs!(); diff --git a/rustls/tests/runners/key_log_file_env.rs b/rustls/tests/runners/key_log_file_env.rs index dff6588b69f..374e184832b 100644 --- a/rustls/tests/runners/key_log_file_env.rs +++ b/rustls/tests/runners/key_log_file_env.rs @@ -17,7 +17,7 @@ mod tests_with_ring { mod tests; } -#[cfg(feature = "aws_lc_rs")] +#[cfg(feature = "aws-lc-rs")] #[path = "."] mod tests_with_aws_lc_rs { use super::serialized; diff --git a/rustls/tests/runners/server_cert_verifier.rs b/rustls/tests/runners/server_cert_verifier.rs index 11dd98990f4..85f728991fc 100644 --- a/rustls/tests/runners/server_cert_verifier.rs +++ b/rustls/tests/runners/server_cert_verifier.rs @@ -10,7 +10,7 @@ mod tests_with_ring { mod tests; } -#[cfg(feature = "aws_lc_rs")] +#[cfg(feature = "aws-lc-rs")] #[path = "."] mod tests_with_aws_lc_rs { provider_aws_lc_rs!(); diff --git a/rustls/tests/runners/unbuffered.rs b/rustls/tests/runners/unbuffered.rs index 3c1f72048a7..0564fa77a5e 100644 --- a/rustls/tests/runners/unbuffered.rs +++ b/rustls/tests/runners/unbuffered.rs @@ -10,7 +10,7 @@ mod tests_with_ring { mod tests; } -#[cfg(feature = "aws_lc_rs")] +#[cfg(feature = "aws-lc-rs")] #[path = "."] mod tests_with_aws_lc_rs { provider_aws_lc_rs!(); diff --git a/rustls/tests/server_cert_verifier.rs b/rustls/tests/server_cert_verifier.rs index 30a5600d590..f8766b777f2 100644 --- a/rustls/tests/server_cert_verifier.rs +++ b/rustls/tests/server_cert_verifier.rs 
@@ -215,11 +215,11 @@ fn client_can_request_certain_trusted_cas() { let cas_sending_server_verifier = Arc::new(ServerCertVerifierWithCasExt { verifier: server_verifier.clone(), - ca_names: vec![DistinguishedName::from( + ca_names: Arc::from(vec![DistinguishedName::from( key_type .ca_distinguished_name() .to_vec(), - )], + )]), }); let cas_sending_client_config = client_config_builder(&provider) @@ -262,7 +262,7 @@ fn client_can_request_certain_trusted_cas() { pub struct ResolvesCertChainByCaName(Vec<(DistinguishedName, Arc)>); impl ResolvesServerCert for ResolvesCertChainByCaName { - fn resolve(&self, client_hello: ClientHello<'_>) -> Option> { + fn resolve(&self, client_hello: &ClientHello<'_>) -> Option> { let Some(cas_extension) = client_hello.certificate_authorities() else { println!( "ResolvesCertChainByCaName: no CAs extension in ClientHello, returning default cert" @@ -288,7 +288,7 @@ impl ResolvesServerCert for ResolvesCertChainByCaName { #[derive(Debug)] struct ServerCertVerifierWithCasExt { verifier: Arc, - ca_names: Vec, + ca_names: Arc<[DistinguishedName]>, } impl ServerCertVerifier for ServerCertVerifierWithCasExt { @@ -328,12 +328,16 @@ impl ServerCertVerifier for ServerCertVerifierWithCasExt { self.verifier.supported_verify_schemes() } + fn request_ocsp_response(&self) -> bool { + self.verifier.request_ocsp_response() + } + fn requires_raw_public_keys(&self) -> bool { self.verifier.requires_raw_public_keys() } - fn root_hint_subjects(&self) -> Option<&[DistinguishedName]> { + fn root_hint_subjects(&self) -> Option> { println!("ServerCertVerifierWithCasExt::root_hint_subjects() called!"); - Some(&self.ca_names) + Some(self.ca_names.clone()) } } pFad - Phonifier reborn
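Review bot: `ServerCertVerifierWithCasExt` forwards `request_ocsp_response`, `requires_raw_public_keys` and `supported_verify_schemes` to the wrapped verifier, but any `ServerCertVerifier` method with a trait default that is not forwarded here silently uses the default instead of the inner verifier's behaviour, which is presumably why `request_ocsp_response` has to be added now. A comment on the impl stating that every defaulted trait method must be forwarded, e.g. `// Pure delegating wrapper: forward every defaulted ServerCertVerifier method so the inner verifier's answers are not masked by trait defaults`, would keep that invariant visible. The rest of the impl, including `verify_server_cert`, is outside the hunk, so I cannot tell whether anything else is still missing. Separately, in `root_hint_subjects` `Some(Arc::clone(&self.ca_names))` makes the cheap refcount bump explicit where `self.ca_names.clone()` reads like a deep copy.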