On 04/16/2011 05:54 PM, Andreas Metzler wrote: > thank you for taking the time to test the packages in experimental. I > can reproduce the bug. > > For clarification it is not caused by libgcrypt11 from experimental, > libgnutls26 2.12.2-1 with stable libgcrypt11 also fails. Attached > verbose log is not a lot more enlightening.
d3nwyuy0nl342s.cloudfront.net seems to support only one ciphersuite. That is ARCFOUR-128 with HMAC-MD5. I disabled HMAC-MD5 from the default set in 2.12.0 because it is not really trusted as an HMAC any more. If however this is widespread issue I'll reinstate HMAC-MD5 and remove it when a real attack is known. regards, Nikos -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
