There was a new attack against few SSL/TLS implementations called FREAK [0]. This attack relies on being able to modify the client's state machine and switch it from RSA to RSA-EXPORT. Such an attack is not possible in the way the GnuTLS' state machine operates, and moreover modern versions of GnuTLS don't support RSA-EXPORT. Support for EXPORT ciphersuites was removed back in 2013 [1]. So as it is now, this attack doesn't affect GnuTLS clients or servers.
regards, Nikos [0]. https://freakattack.com/ [1]. https://gitlab.com/gnutls/gnutls/blob/master/NEWS#L768 _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
