[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: priority strings behavior
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
Re: priority strings behavior |
|
Date: |
Sat, 23 Jul 2011 15:47:10 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.18) Gecko/20110617 Thunderbird/3.1.11 |
On 07/05/2011 08:41 AM, ben thielsen wrote:
> hi-
>
> i'm experimenting a bit with setting specific priority strings.
> i've been reading some of the documentation, namely gnutls.pdf from
> http://www.gnu.org/software/gnutls/documentation.html and man 1
> gnutls-cli, but i think some of the nuances are escaping me. i get
> the feeling that specifying certain things [specifically, cipher
> suites] will inherently also enable other certain things - is this
> true? are the cipher suites just shorthand methods for enabling
> multiple other specific things at once? is there somewhere
> documented which settings turn on other settings, and what they are?
>
> more specifically, i'd like to enable only the following:
[...]
> ...it seems like there's some contradiction between the list of
> cipher suites and the list of MACs? i can somehow use sha512, but
> none of the cipher suites can?
Gnutls priority strings are flexible and might allow more combinations
than the actual ciphersuites. If you want to pick a specific set of
algorithms it is better to pick a ciphersuite and use the algorithms it
consists from.
regards,
Nikos