We are pleased to announce the availability of GnuTLS version 1.3.1, the second release on the experimental 1.3.x branch.
The goal of 1.3.x will be to merge work currently done on CVS branches, for TLS Pre-Shared-Keys and TLS Inner Application. Other planned improvements in 1.3.x are system-independent resume data structures, modularization of the bignum operations, and TLS OpenPGP improvements. So far, TLS-PSK and system-independent resume data has been implemented. GnuTLS is a modern C library that implement the standard network security protocol Transport Layer Security (TLS), for use by network applications. Improving GnuTLS is costly, but you can help! We are looking for organizations that find GnuTLS useful and wish to contribute back. You can contribute by reporting bugs, improve the software, or donate money or equipment. Commercial support contracts for GnuTLS are available, and they help finance continued maintenance. Simon Josefsson Datakonsult, a Stockholm based privately held company, is currently funding GnuTLS maintenance. We are always looking for interesting development projects. If you need help to use GnuTLS, or want to help others, you are invited to join our help-gnutls mailing list, see: <http://lists.gnu.org/mailman/listinfo/help-gnutls>. The project page of the library is available at: http://www.gnutls.org/ http://www.gnu.org/software/gnutls/ http://josefsson.org/gnutls/ (updated fastest) Here are the compressed sources: http://josefsson.org/gnutls/releases/gnutls-1.3.1.tar.gz (3.0MB) ftp://ftp.gnutls.org/pub/gnutls/gnutls-1.3.1.tar.bz2 (3.0MB) Here are GPG detached signatures signed using key 0xB565716F: http://josefsson.org/gnutls/releases/gnutls-1.3.1.tar.bz2.sig ftp://ftp.gnutls.org/pub/gnutls/gnutls-1.3.1.tar.bz2.sig The software is cryptographically signed by the author using an OpenPGP key identified by the following information: 1280R/B565716F 2002-05-05 [expires: 2006-02-28] Key fingerprint = 0424 D4EE 81A0 E3D1 19C6 F835 EDA2 1E94 B565 716F The key is available from: http://josefsson.org/key.txt dns:b565716f.josefsson.org?TYPE=CERT Here are the build reports for various platforms: http://josefsson.org/autobuild-logs/gnutls.html Here are the SHA-1 checksums: 80eb527cf981344778d0dd6cb2ed25f379d8785c gnutls-1.3.1.tar.bz2 5b260e5d3594a8cf8ea79376bd97775a5f566920 gnutls-1.3.1.tar.bz2.sig Enjoy, Nikos and Simon Noteworthy changes since version 1.3.0: ** Support for DHE-PSK cipher suites has been added. This method offers perfect forward secrecy. ** Fix gnutls-cli STARTTLS hang when SIGINT is sent too quickly, thanks to Otto Maddox <[EMAIL PROTECTED]> and Nozomu Ando <[EMAIL PROTECTED]>. ** Corrected a bug in certtool for 64 bit machines. Reported by Max Kellermann <[EMAIL PROTECTED]>. ** New function to set a X.509 private key and certificate pairs, and/or CRLs, from an PKCS#12 file, suggested by Emile van Bergen <[EMAIL PROTECTED]>. The integrity of the PKCS#12 file is protected through a password based MAC; public-key based signatures for integrity protection are not supported. PKCS#12 bags may be encrypted using password derived symmetric keys, public-key based encryption is not supported. The PKCS#8 keys may be encrypted using passwords. The API use the same password for all operations. We believe that any more flexibility create too much complexity that would hurt overall security, but may add more PKCS#12 related APIs if real-world experience indicate otherwise. ** gnutls_x509_privkey_import_pkcs8 now accept unencrypted PEM PKCS#8 keys, reported by Emile van Bergen <[EMAIL PROTECTED]>. This will enable "certtool -k -8" to parse those keys. ** Certtool now generate keys in unencrypted PKCS#8 format for empty passwords. Use "certtool -p -8" and press press enter at the prompt. Earlier, certtool would have encrypted the key using an empty password. ** Certtool now accept --password for --key-info and encrypted PKCS#8 keys. Earlier it would have prompted the user for it, even if --password was supplied. ** Added self test of PKCS#8 parsing. Unencrypted and encrypted (pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHAAnd40BitRC2-CBC) formats are tested. The test is in tests/pkcs8. ** API and ABI modifications: New function to set X.509 credentials from a PKCS#12 file: gnutls_certificate_set_x509_simple_pkcs12_file New gnutls_kx_algorithm_t enum type: GNUTLS_KX_DHE_PSK New API to return session data (better data types than gnutls_session_get_data): gnutls_session_get_data2 New API to set PSK Diffie-Hellman parameters: gnutls_psk_set_server_dh_params
pgp7mgdVVnIMj.pgp
Description: PGP signature
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
