Are the --gnutls-priorities and --dhparams arguments available for v6. I know
they are available for v5.
On Monday, May 26, 2014 5:38 AM, Reindl Harald <[email protected]> wrote:
Am 26.05.2014 13:58, schrieb Hani Benhabiles:
> On 2014-05-26 12:07, Reindl Harald wrote:
>
> Because there is no such thing as "default" DH parameters to be used for
> DHE by the server. Not with GnuTLS 2.x nor
> with GnuTLS 3.x...
>
> Don't trust me ?
> - Check openssl s_server's -dhparam
> - Check gnutls's --dhparams
> - Check nginx' ssl_dhparam configuration
> - Check openvpn's --dh
> etc,...
that must be why Apache can offer DHE for years without
specific configurations and even if it needs dh-params
it can be not that hard to generate them automatically
* dovecot can
* postfix can
* apache can
only GSA can't
[harry@rh:~]$ sslscan openvas | grep Accepted
Accepted SSLv3 256 bits AES256-SHA
Accepted SSLv3 168 bits DES-CBC3-SHA
Accepted SSLv3 128 bits AES128-SHA
Accepted SSLv3 128 bits RC4-SHA
Accepted SSLv3 128 bits RC4-MD5
Accepted TLSv1 256 bits AES256-SHA
Accepted TLSv1 256 bits CAMELLIA256-SHA
Accepted TLSv1 168 bits DES-CBC3-SHA
Accepted TLSv1 128 bits AES128-SHA
Accepted TLSv1 128 bits CAMELLIA128-SHA
Accepted TLSv1 128 bits RC4-SHA
Accepted TLSv1 128 bits RC4-MD5
Accepted TLS11 256 bits AES256-SHA
Accepted TLS11 256 bits CAMELLIA256-SHA
Accepted TLS11 168 bits DES-CBC3-SHA
Accepted TLS11 128 bits AES128-SHA
Accepted TLS11 128 bits CAMELLIA128-SHA
Accepted TLS11 128 bits RC4-SHA
Accepted TLS11 128 bits RC4-MD5
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
