Bug#464625: please support OpenSSL-compatible cipher names

2011-02-04 Thread brian m. carlson
On Fri, Feb 04, 2011 at 12:15:14PM +0100, Nikos Mavrogiannopoulos wrote: > This is quite nice, but you should understand that not all people are like > you. GnuTLS has to be usable by a variety of people with different > backgrounds. > What we do is to offer simple options for everyone and more ad

Bug#464625: please support OpenSSL-compatible cipher names

2011-02-04 Thread Nikos Mavrogiannopoulos
On Thu, Feb 3, 2011 at 11:15 PM, brian m. carlson wrote: > I am a system administrator and programmer and I do know what each > ciphersuite does, offers, and costs.  I've implemented cryptographic > algorithms, including the second-fastest non-assembly implementation of > MD5 (according to my tes

Bug#464625: please support OpenSSL-compatible cipher names

2011-02-04 Thread Nikos Mavrogiannopoulos
On Fri, Feb 4, 2011 at 9:09 AM, Simon Josefsson wrote: >> gnutls-cli(1).  Looking at the source, RC4 is defined in SECURE256, and >> due to major weaknesses in its key scheduling (which can be used very >> effectively against e.g. WEP), I would absolutely not want to use it if >> any other choice

Bug#464625: please support OpenSSL-compatible cipher names

2011-02-04 Thread Simon Josefsson
"brian m. carlson" writes: > In fact, I happen to know that the documentation for GnuTLS is wrong > when it claims that "[t]here are no known weaknesses of" MD2. Such > weaknesses have been known for quite some time; in fact, certain > weaknesses in the compression function have been known longe

Bug#464625: please support OpenSSL-compatible cipher names

2011-02-03 Thread brian m. carlson
On Sun, May 18, 2008 at 12:48:44PM +0300, Nikos Mavrogiannopoulos wrote: > The problem with direct ciphersuite setting, is that administrators > don't know what each ciphersuite does, offers or costs. Maybe they don't > even care. That's why I think that the new priority API should be used > for ap

Bug#464625: please support OpenSSL-compatible cipher names

2008-05-18 Thread Nikos Mavrogiannopoulos
> I think that both the openssl and the gnutls cipher name constructs are > unnecessarily complex: there are maybe max 100 registered TLS > ciphersuites. A tiny portion of those are useful in normal situations. > I think it would be simpler if the administrator simply specified > exactly which TLS

Bug#464625: please support OpenSSL-compatible cipher names

2008-05-16 Thread Simon Josefsson
I think that in general this suggestion is a good idea. However, the OpenSSL cipher name parser is complicated; it uses a large flex parser if I recall correctly. Integrating this will take quite an effort. Patches welcome... I think that both the openssl and the gnutls cipher name constructs a

Bug#464625: please support OpenSSL-compatible cipher names

2008-02-07 Thread Steve Langasek
Source: gnutls26 Version: 2.2.1-3 Severity: wishlist Hi, With OpenLDAP 2.4, slapd in Debian has switched to GnuTLS. This has introduced one regression in terms of config file syntax, because the server "TLSCipherSuite" option can be used to select which ciphers to allow for connections, and non