diff --git a/CHANGELOG.md b/CHANGELOG.md
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,36 @@
+# CHANGELOG
+
+## Version 0.4.6
+
+* Using tls v2.3 and crypton-x509* v1.9.
+
+## Version 0.4.5
+
+* Swap `crypton-socks` for unmaintained `socks` dependency.
+
+## Version 0.4.4
+
+* Remove unused packages.
+  [#8](https://github.com/kazu-yamamoto/crypton-connection/pull/8)
+
+## Version 0.4.3
+
+* Creating the `Internal` module and export the `ConnectionContext` constructor.
+  [#7](https://github.com/kazu-yamamoto/crypton-connection/pull/7)
+
+## Version 0.4.2
+
+* Using data-default.
+
+## Version 0.4.1
+
+* Preparing for tls v2.1
+
+## Version 0.4.0
+
+* Add support for overriding the TLS clientSupported member in TLSSettingsSimple
+  [#3](https://github.com/kazu-yamamoto/crypton-connection/pull/3)
+
 ## Version 0.3.2
 
 * Supporting tls v2.0.0.
@@ -5,4 +38,3 @@
 ## Version 0.3.1
 
 * The first release to support crypton.
-
diff --git a/Network/Connection.hs b/Network/Connection.hs
--- a/Network/Connection.hs
+++ b/Network/Connection.hs
@@ -57,7 +57,6 @@
 import qualified System.IO.Error as E (mkIOError, eofErrorType)
 
 import qualified Network.TLS as TLS
-import qualified Network.TLS.Extra as TLS
 
 import System.X509 (getSystemCertificateStore)
 
@@ -66,7 +65,7 @@
 import qualified Network.Socket.ByteString as N
 
 import Data.Tuple (swap)
-import Data.Default.Class
+import Data.Default
 import Data.Data
 import Data.ByteString (ByteString)
 import qualified Data.ByteString as B
@@ -97,7 +96,7 @@
 instance E.Exception HostCannotConnect
 
 connectionSessionManager :: Manager -> TLS.SessionManager
-connectionSessionManager mvar = TLS.SessionManager
+connectionSessionManager mvar = TLS.noSessionManager
     { TLS.sessionResume     = \sessionID -> withMVar mvar (return . M.lookup sessionID)
     , TLS.sessionEstablish  = \sessionID sessionData ->
                                modifyMVar_ mvar (return . M.insert sessionID sessionData)
@@ -123,7 +122,7 @@
 makeTLSParams :: ConnectionContext -> ConnectionID -> TLSSettings -> TLS.ClientParams
 makeTLSParams cg cid ts@(TLSSettingsSimple {}) =
     (TLS.defaultParamsClient (fst cid) portString)
-        { TLS.clientSupported = def { TLS.supportedCiphers = TLS.ciphersuite_default }
+        { TLS.clientSupported = settingClientSupported ts
         , TLS.clientShared    = def
             { TLS.sharedCAStore         = globalCertificateStore cg
             , TLS.sharedValidationCache = validationCache
diff --git a/Network/Connection/Internal.hs b/Network/Connection/Internal.hs
new file mode 100644
--- /dev/null
+++ b/Network/Connection/Internal.hs
@@ -0,0 +1,6 @@
+module Network.Connection.Internal
+    ( ConnectionContext (..)
+    )
+where
+
+import Network.Connection.Types (ConnectionContext (..))
diff --git a/Network/Connection/Types.hs b/Network/Connection/Types.hs
--- a/Network/Connection/Types.hs
+++ b/Network/Connection/Types.hs
@@ -6,26 +6,26 @@
 -- Portability : portable
 --
 -- connection types
---
 module Network.Connection.Types
-    where
+where
 
 import Control.Concurrent.MVar (MVar)
 
-import Data.Default.Class
-import Data.X509.CertificateStore
 import Data.ByteString (ByteString)
+import Data.Default
+import Data.X509.CertificateStore
 
 import Network.Socket (PortNumber, Socket)
 import qualified Network.TLS as TLS
+import qualified Network.TLS.Extra as TLS
 
 import System.IO (Handle)
 
 -- | Simple backend enumeration, either using a raw connection or a tls connection.
-data ConnectionBackend = ConnectionStream Handle
-                       | ConnectionSocket Socket
-                       | ConnectionTLS TLS.Context
-
+data ConnectionBackend
+    = ConnectionStream Handle
+    | ConnectionSocket Socket
+    | ConnectionTLS TLS.Context
 
 -- | Hostname This could either be a name string (punycode encoded) or an ipv4/ipv6
 type HostName = String
@@ -40,10 +40,14 @@
 -- If you need to connect through a SOCKS, you should make sure
 -- connectionUseSocks is correctly set.
 data ConnectionParams = ConnectionParams
-    { connectionHostname   :: HostName           -- ^ host name to connect to.
-    , connectionPort       :: PortNumber         -- ^ port number to connect to.
-    , connectionUseSecure  :: Maybe TLSSettings  -- ^ optional TLS parameters.
-    , connectionUseSocks   :: Maybe ProxySettings -- ^ optional Proxy/Socks configuration.
+    { connectionHostname :: HostName
+    -- ^ host name to connect to.
+    , connectionPort :: PortNumber
+    -- ^ port number to connect to.
+    , connectionUseSecure :: Maybe TLSSettings
+    -- ^ optional TLS parameters.
+    , connectionUseSocks :: Maybe ProxySettings
+    -- ^ optional Proxy/Socks configuration.
     }
 
 -- | Proxy settings for the connection.
@@ -54,8 +58,8 @@
 --
 -- That's for now the only settings in the SOCKS package,
 -- socks password, or any sort of other authentications is not yet implemented.
-data ProxySettings =
-      SockSettingsSimple HostName PortNumber
+data ProxySettings
+    = SockSettingsSimple HostName PortNumber
     | SockSettingsEnvironment (Maybe String)
     | OtherProxy HostName PortNumber
 
@@ -68,27 +72,43 @@
 -- simple settings, you should use TLSSettingsSimple.
 data TLSSettings
     = TLSSettingsSimple
-             { settingDisableCertificateValidation :: Bool -- ^ Disable certificate verification completely,
-                                                           --   this make TLS/SSL vulnerable to a MITM attack.
-                                                           --   not recommended to use, but for testing.
-             , settingDisableSession               :: Bool -- ^ Disable session management. TLS/SSL connections
-                                                           --   will always re-established their context.
-                                                           --   Not Implemented Yet.
-             , settingUseServerName                :: Bool -- ^ Use server name extension. Not Implemented Yet.
-             } -- ^ Simple TLS settings. recommended to use.
-    | TLSSettings TLS.ClientParams -- ^ full blown TLS Settings directly using TLS.Params. for power users.
+        { settingDisableCertificateValidation :: Bool
+        -- ^ Disable certificate verification completely,
+        --   this make TLS/SSL vulnerable to a MITM attack.
+        --   not recommended to use, but for testing.
+        , settingDisableSession :: Bool
+        -- ^ Disable session management. TLS/SSL connections
+        --   will always re-established their context.
+        --   Not Implemented Yet.
+        , settingUseServerName :: Bool
+        -- ^ Use server name extension. Not Implemented Yet.
+        , settingClientSupported :: TLS.Supported
+        -- ^ Used for the 'TLS.clientSupported'
+        --   member of 'TLS.ClientParams'.
+        }
+    | -- \^ Simple TLS settings. recommended to use.
+
+      -- | full blown TLS Settings directly using TLS.Params. for power users.
+      TLSSettings TLS.ClientParams
     deriving (Show)
 
 instance Default TLSSettings where
-    def = TLSSettingsSimple False False False
+    def =
+        TLSSettingsSimple
+            False
+            False
+            False
+            def{TLS.supportedCiphers = TLS.ciphersuite_default}
 
 type ConnectionID = (HostName, PortNumber)
 
 -- | This opaque type represent a connection to a destination.
 data Connection = Connection
     { connectionBackend :: MVar ConnectionBackend
-    , connectionBuffer  :: MVar (Maybe ByteString) -- ^ this is set to 'Nothing' on EOF
-    , connectionID      :: ConnectionID  -- ^ return a simple tuple of the port and hostname that we're connected to.
+    , connectionBuffer :: MVar (Maybe ByteString)
+    -- ^ this is set to 'Nothing' on EOF
+    , connectionID :: ConnectionID
+    -- ^ return a simple tuple of the port and hostname that we're connected to.
     }
 
 -- | Shared values (certificate store, sessions, ..) between connections
diff --git a/Setup.hs b/Setup.hs
--- a/Setup.hs
+++ b/Setup.hs
@@ -1,2 +1,3 @@
 import Distribution.Simple
+
 main = defaultMain
diff --git a/crypton-connection.cabal b/crypton-connection.cabal
--- a/crypton-connection.cabal
+++ b/crypton-connection.cabal
@@ -1,7 +1,7 @@
 Name:                crypton-connection
-Version:             0.3.2
+Version:             0.4.6
 Description:
-    Simple network library for all your connection need.
+    Simple network library for all your connection needs.
     .
     Features: Really simple to use, SSL/TLS, SOCKS.
     .
@@ -12,7 +12,7 @@
 Copyright:           Vincent Hanquez <vincent@snarc.org>
 Author:              Vincent Hanquez <vincent@snarc.org>
 Maintainer:          Kazu Yamamoto <kazu@iij.ad.jp>
-Synopsis:            Simple and easy network connections API
+Synopsis:            Simple and easy network connection API
 Build-Type:          Simple
 Category:            Network
 stability:           experimental
@@ -24,18 +24,16 @@
 Library
   Default-Language:  Haskell2010
   Build-Depends:     base >= 3 && < 5
-                   , basement
                    , bytestring
                    , containers
-                   , data-default-class
+                   , data-default
                    , network >= 2.6.3
-                   , tls >= 1.7
-                   , socks >= 0.6
-                   , crypton-x509 >= 1.5
-                   , crypton-x509-store >= 1.5
-                   , crypton-x509-system >= 1.5
-                   , crypton-x509-validation >= 1.5
+                   , tls >= 2.3.0 && < 2.4
+                   , crypton-socks >= 0.6
+                   , crypton-x509-store >= 1.9.0 && <1.10
+                   , crypton-x509-system >= 1.9.0 && <1.10
   Exposed-modules:   Network.Connection
+                     Network.Connection.Internal
   Other-modules:     Network.Connection.Types
   ghc-options:       -Wall
 
