[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
kx srp vs dhe
From: |
Adda Rathbone |
Subject: |
kx srp vs dhe |
Date: |
Sun, 13 Dec 2009 22:59:33 +0100 |
User-agent: |
Mutt/1.5.18 (2008-05-17) |
Hello,
I am writing a server using gnutls. The main idea was that a user
connects with a password. For that reason I want to use the SRP
authentication and as fallback the normal x509 authentication.
However if I use the gnutls_certificate_set_dh_params()
function in my server program, my srp client won't use the SRP kx
anymore (now it uses DHE-RSA).
Is there a reason for this behaviour?
I thought SRP would behave like PSK (PSK is not affected).
Does this mean SRP kx is not as secure as DHE kx?
Thank you
Adda Rathbone
PS:
client prio. settings: "SECURE256:+SRP"
server prio. settings: "SECURE256:+SRP:+SRP-DSS:+SRP-RSA"
- kx srp vs dhe,
Adda Rathbone <=