Hi, > > > - Using gnutls-cli, I try to establish a connection to the mail > > server. > > - From wireshark, I can see that gnutls offers rsa_pcks_sha1 as a > > signature algorithm. > > Do you see this behavior also with the DEFAULT policy?
yes. So, in brief: DEFAULT policy is enabled. GnuTLS proposes SHA1 as a signature algorithm during TLS Handshake. Server chooses SHA1. GnuTLS cancels because SHA1 is forbidden by DEFAULT crypto-policy. In the end, this leads to evolution mailclient not working anymore. Best Philip P.S.: I sent you the mailserver address privately, in case you want to reproduce the problem. _______________________________________________ Gnutls-help mailing list Gnutls-help@lists.gnutls.org http://lists.gnupg.org/mailman/listinfo/gnutls-help