[gnutls-dev] Weak ciphers?
nmav at gnutls.org
Fri Oct 17 16:39:03 CEST 2003
On Fri, Oct 17, 2003 at 05:16:14PM +0300, Nikos Mavroyanopoulos wrote:
> > Hi,
> > One of the users of the Debian GNU TLS package wants to use openldap
> > (the Debian package now uses GNU TLS to setup SSL connections) to
> > connect to a Netscape LDAP server, which only uses:
> > nsssl2ciphers: +rc2export,+rc4export
> > nsssl3ciphers: -rsa_null_md5,+rsa_rc2_40_md5,+rsa_rc4_40_md5
> > Is there a way to make GNU TLS set up a connection to this server?
> The ciphersuite TLS_RSA_EXPORT_ARCFOUR_40_MD5 is supported, so rsa_rc4_40_md5
> seems to be common (RC2 is not supported in gnutls for TLS connections).
I forgot to say that in order to enable this ciphersuite,
gnutls_set_default_export_priority() has to be called, or the
ciphers GNUTLS_CIPHER_ARCFOUR_40 and GNUTLS_KX_RSA_EXPORT, have
to be enabled.
More information about the Gnutls-devel