FAQ & Change log minor update

Peter Thorson · Peter Thorson · commit b6014cc79b09 · 2016-02-02T09:39:12.000-05:00
diff --git a/changelog.md b/changelog.md
@@ -49,7 +49,7 @@ HEAD
 - Compatibility: Replace deprecated use of auto_ptr on systems where unique_ptr
   is available.
 
-0.6.0
+0.6.0 - 2015-06-02
 - MINOR BREAKING TRANSPORT POLICY CHANGE: Custom transport policies will now be
   required to include a new method `void set_uri(uri_ptr u)`. An implementation
   is not required. The stub transport policy includes an example stub method
diff --git a/docs/faq.dox b/docs/faq.dox
@@ -19,4 +19,17 @@ Whether an Asio endpoint uses TLS or not is determined by its config template pa
 
 The `<websocketpp/config/asio.hpp>` and `<websocketpp/config/asio_client.hpp>` headers will include both the TLS and non-TLS varients of their respective configs and require the presence of OpenSSL. The `<websocketpp/config/asio_no_tls.hpp>` and `<websocketpp/config/asio_no_tls_client.hpp>` headers will include only the non-TLS configs and do not require OpenSSL.
 
+
+## Security
+
+### Is it possible to terminate a malicious connection quickly, without tying up resources performing clean close steps, 
+
+Yes. The library will automatically detect and terminate connections that violate the WebSocket protocol. In cases where the library believes the remote endpoint to be malicious or sufficiently broken to be unlikely to understand or process the closing handshake, it will be omited.
+
+If your application detects conditions above the protocol level that you believe to be malicious, for example, if you recognize an IP from a known denial of service attack, you can close the connection with two different levels of urgency. Use the standard `websocketpp::endpoint::close` or `websocketpp::connection::close` methods with one of the following special close codes:
+- `websocketpp::close::status::omit_handshake`: Omits the closing handshake, but cleanly closes the TCP connection.
+- `websocketpp::close::status::force_tcp_drop`: Forcibly drop the TCP connection.
+
+Please note that usage of these disconnect methods results in a violation of the WebSocket protocol and may have negative reprocusions for the remote endpoint with respect to network timeouts. Please use caution when using them.
+
 */
