I believe we may be close to understanding this entire bug report now. For context, please review:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466477 My conclusion is that there are three different problems discussed: The mail3.mclemente.net problem has been fixed in v2.4.0. It was a combination of a gnutls-cli bug and an intentional DoS limit in libgnutls that has been increased now. www.lbbw.de is likely buggy, it doesn't handle record padding. www99.americanexpress.com is also likely buggy, it fails to talk with clients that advertise TLS 1.1. The remaining step is to check whether bluepages.ibm.com exhibits either one of the two last problems. However, the server isn't accessible on the Internet. Richard, can you test these two commands? gnutls-cli -p 636 bluepages.ibm.com -d 4711 --priority NORMAL:-VERS-TLS1.1 gnutls-cli -p 636 bluepages.ibm.com -d 4711 --priority NORMAL:%COMPAT You'll need a modern gnutls package, please let us know which package version you use. If either of these commands succeeds, let us know which. If so, I believe that shows the server to be buggy, and that you now know of a workaround. Then we can close the bug. If neither of them succeeds, please post the output from both commands. Then we'll have to continue debug the problem... I really hope we can close this report. /Simon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
