On Mon, 21 May 2012, Phil Pennock wrote: > NSS limit is 2236 bits.
Just a brief update on this in case someone is interested: It appears that this limit has been already increased to 3072 bits in the latest NSS release 3.13.4. See the diff at: http://bonsai.mozilla.org/cvsview2.cgi?diff_mode=context&whitespace_mode=show&file=blapit.h&branch=&root=/cvsroot&subdir=mozilla/security/nss/lib/freebl&command=DIFF_FRAMESET&rev1=1.25&rev2=1.26 Thus we should be soon starting to see NSS based clients which can negotiate DHE-RSA with GnuTLS at "NORMAL" security level. Now they are planning to increase the limit to 16k in the next NSS release 3.13.5. See the latest update of the NSS bug: https://bugzilla.mozilla.org/show_bug.cgi?id=636802 After that has been completed, NSS clients should be able to do DHE (but probably not RSA) with GnuTLS server at all security levels. -- Janne Snabb / EPIPE Communications [email protected] - http://epipe.com/ _______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
