--On Monday, June 30, 2008 2:29 PM -0700 Quanah Gibson-Mount
<[EMAIL PROTECTED]> wrote:
--On Monday, June 30, 2008 2:26 PM -0700 Quanah Gibson-Mount
<[EMAIL PROTECTED]> wrote:
This suggests to me that the SSF values haven't been properly
normalized for GNUtls. Doesn't the "128" mean, roughly, a symmetric
cipher with keylength of 128? Surely the user's "TLSCipherSuite
TLS_RSA_AES_256_CBC_SHA1" should satisfy this?
The GnuTLS library is what reports back the SSF value. It may be
worthwhile to discuss with them why their values are so low.
Scratch that, it is an OpenLDAP conversion bug. I'll file an ITS on it
and report back.
<http://www.openldap.org/its/index.cgi/?findid=5585>
Fixed:
Update of /repo/OpenLDAP/pkg/ldap/libraries/libldap
Modified Files:
tls.c 1.160 -> 1.161
Log Message:
ITS#5585 GnuTLS key strength is in bytes, we expected bits
CVS Web URLs:
http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/
http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls.c
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
