[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits
From: |
Lars Ingebrigtsen |
Subject: |
bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits |
Date: |
Thu, 30 Jan 2014 16:46:43 -0800 |
User-agent: |
Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) |
Ted Zlatanov <tzz@lifelogs.com> writes:
> LMI> gnutls will try to use as high a number of bits as the server supports,
> LMI> I think? So the variables are fine as they are -- they will give you
> LMI> all the security that the server says that it can provide.
>
> LMI> So the warning is kinda semi-bogus. Or at least ... premature.
>
> It's complicated and depends on the specific TLS priority string on the
> client and the server's preferences; e.g. ECC seems to negotiate in a
> completely different way. I asked on the gnutls-devel mailing list and
> there's just no good answer AFAICT.
But we're specifying the minimum prime bits that we accept. Surely the
client and server will negotiate the maximum possible bits they both
accept?
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog http://lars.ingebrigtsen.no/
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- bug#15057: 24.3.50; TLS error with reasonably high gnutls-min-prime-bits,
Lars Ingebrigtsen <=