brian m. carlson sand...@crustytoothpaste.net writes:
In fact, I happen to know that the documentation for GnuTLS is wrong
when it claims that [t]here are no known weaknesses of MD2. Such
weaknesses have been known for quite some time; in fact, certain
weaknesses in the compression function
On Fri, Feb 4, 2011 at 9:09 AM, Simon Josefsson si...@josefsson.org wrote:
gnutls-cli(1). Looking at the source, RC4 is defined in SECURE256, and
due to major weaknesses in its key scheduling (which can be used very
effectively against e.g. WEP), I would absolutely not want to use it if
any
On Thu, Feb 3, 2011 at 11:15 PM, brian m. carlson
sand...@crustytoothpaste.net wrote:
I am a system administrator and programmer and I do know what each
ciphersuite does, offers, and costs. I've implemented cryptographic
algorithms, including the second-fastest non-assembly implementation of
On Fri, Feb 04, 2011 at 12:15:14PM +0100, Nikos Mavrogiannopoulos wrote:
This is quite nice, but you should understand that not all people are like
you. GnuTLS has to be usable by a variety of people with different
backgrounds.
What we do is to offer simple options for everyone and more
On Sun, May 18, 2008 at 12:48:44PM +0300, Nikos Mavrogiannopoulos wrote:
The problem with direct ciphersuite setting, is that administrators
don't know what each ciphersuite does, offers or costs. Maybe they don't
even care. That's why I think that the new priority API should be used
for
I think that both the openssl and the gnutls cipher name constructs are
unnecessarily complex: there are maybe max 100 registered TLS
ciphersuites. A tiny portion of those are useful in normal situations.
I think it would be simpler if the administrator simply specified
exactly which TLS
I think that in general this suggestion is a good idea.
However, the OpenSSL cipher name parser is complicated; it uses a large
flex parser if I recall correctly. Integrating this will take quite an
effort. Patches welcome...
I think that both the openssl and the gnutls cipher name constructs
Source: gnutls26
Versiion: 2.2.1-3
Severity: wishlist
Hi,
With OpenLDAP 2.4, slapd in Debian has switched to GnuTLS. This has
introduced one regression in terms of config file syntax, because the server
TLSCipherSuite option can be used to select which ciphers to allow for
connections, and none
8 matches
Mail list logo