TLS 1.2 server

Simon Josefsson simon at
Wed Sep 30 07:50:35 CEST 2009

Daiki Ueno <ueno at> writes:

> Hello,
> I've just pushed the TLS 1.2 server fix.  While it was done in the same way
> as I did for the client, I'd appreciate it if someone would take a look at
> the changes:
> The latter change is not essential for now, but it will be needed when we
> use a hash algorithm other than SHA1 to compute the signature of the DH
> params.
> Anyway, TLS 1.2 server works again.  I tried it with Opera 10 and the
> test output from GnuTLS says:

Great, thank you!  The patch seems fine to me.

What do you think we should do about the CertificateRequest
supported_signature_algorithms field?  I think the application may want
to look at the server preference when deciding which certificate to use,
and GnuTLS may want to use this information internally too, when it is
selecting the certificate.


>  Server Name: localhost
>  Ephemeral DH using prime of 1024 bits.
>  Protocol version:	TLS1.2
>  Certificate Type:	X.509
>  Key Exchange:	DHE-RSA
>  Compression	NULL
>  Cipher	AES-256-CBC
>  MAC	SHA256
>  Ciphersuite	DHE_RSA_AES_256_CBC_SHA256
> Regards,
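
The CertificateRequest message Simon asks about carries, in TLS 1.2, a certificate_types vector, the supported_signature_algorithms vector in the server's order of preference, and the certificate_authorities list (RFC 5246, section 7.4.4). The following Python is an added example, not GnuTLS code and not part of this thread: it encodes and parses that message, then picks a client certificate by walking supported_signature_algorithms in server order, which is the "look at the server preference" behaviour discussed above. The sample request is constructed here and the client certificates are hypothetical; real code would also filter by certificate_authorities.

```python
"""TLS 1.2 CertificateRequest (RFC 5246 section 7.4.4): encode, parse, and choose
a client certificate honouring the server's supported_signature_algorithms order.

Added example; not GnuTLS code.  Sample message and candidate certs are constructed."""
import struct

# Enumerations from RFC 5246 sections 7.4.1.4.1 and 7.4.4.
HASH_ALGS = {0: "none", 1: "md5", 2: "sha1", 3: "sha224",
             4: "sha256", 5: "sha384", 6: "sha512"}
SIG_ALGS = {0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa"}
CERT_TYPES = {1: "rsa_sign", 2: "dss_sign", 64: "ecdsa_sign"}
# ClientCertificateType that a certificate with each key type satisfies.
SIG_TO_CERT_TYPE = {"rsa": "rsa_sign", "dsa": "dss_sign", "ecdsa": "ecdsa_sign"}


def build_certificate_request(cert_types, sigalgs, cas=()):
    """Encode a CertificateRequest body (the 4-byte handshake header is not included)."""
    rev = lambda d: {v: k for k, v in d.items()}
    types = bytes(rev(CERT_TYPES)[t] for t in cert_types)
    algs = b"".join(bytes([rev(HASH_ALGS)[h], rev(SIG_ALGS)[s]]) for h, s in sigalgs)
    names = b"".join(struct.pack("!H", len(dn)) + dn for dn in cas)  # DER DistinguishedNames
    return (bytes([len(types)]) + types
            + struct.pack("!H", len(algs)) + algs
            + struct.pack("!H", len(names)) + names)


def parse_certificate_request(body):
    """Decode a CertificateRequest body; raises ValueError on malformed input."""
    def take(off, n):
        if off + n > len(body):
            raise ValueError("CertificateRequest truncated")
        return body[off:off + n], off + n

    if not body:
        raise ValueError("empty CertificateRequest")
    n, off = body[0], 1
    if n == 0:
        raise ValueError("certificate_types must not be empty")  # <1..2^8-1>
    raw, off = take(off, n)
    cert_types = [CERT_TYPES.get(t, "unknown(%d)" % t) for t in raw]

    hdr, off = take(off, 2)
    (n,) = struct.unpack("!H", hdr)
    if n % 2:
        raise ValueError("supported_signature_algorithms length must be even")
    raw, off = take(off, n)
    sigalgs = [(HASH_ALGS.get(raw[i], "unknown(%d)" % raw[i]),
                SIG_ALGS.get(raw[i + 1], "unknown(%d)" % raw[i + 1]))
               for i in range(0, n, 2)]

    hdr, off = take(off, 2)
    (n,) = struct.unpack("!H", hdr)
    names, end = [], off + n
    while off < end:
        hdr, off = take(off, 2)
        (dn_len,) = struct.unpack("!H", hdr)
        dn, off = take(off, dn_len)
        names.append(dn)
    if off != end or off != len(body):
        raise ValueError("inconsistent certificate_authorities length or trailing bytes")
    return {"certificate_types": cert_types,
            "supported_signature_algorithms": sigalgs,
            "certificate_authorities": names}


def select_certificate(req, candidates):
    """Return (cert_name, (hash, sig)) for the first pair in the server's preference
    order that some candidate can produce, or None.  The pair is also checked against
    certificate_types, since a server may list a signature algorithm whose key type
    it does not actually accept as a client certificate."""
    for hash_alg, sig_alg in req["supported_signature_algorithms"]:
        if SIG_TO_CERT_TYPE.get(sig_alg) not in req["certificate_types"]:
            continue
        for cand in candidates:
            if cand["key"] == sig_alg and hash_alg in cand["hashes"]:
                return cand["name"], (hash_alg, sig_alg)
    return None


# Constructed sample: a server preferring SHA-256/RSA, then SHA-384/ECDSA, and
# still accepting SHA-1/RSA, with no certificate_authorities restriction.
SAMPLE_REQUEST = build_certificate_request(
    ["rsa_sign", "ecdsa_sign"],
    [("sha256", "rsa"), ("sha384", "ecdsa"), ("sha1", "rsa")])

# Hypothetical client certificates: key type plus the hashes each can sign with.
# The client lists ECDSA first, but server preference should win.
CLIENT_CERTS = [
    {"name": "client-ecdsa", "key": "ecdsa", "hashes": {"sha384"}},
    {"name": "client-rsa", "key": "rsa", "hashes": {"sha1", "sha256"}},
]

if __name__ == "__main__":
    req = parse_certificate_request(SAMPLE_REQUEST)
    print(req)
    print(select_certificate(req, CLIENT_CERTS))
```

Selecting by server order means the RSA certificate with SHA-256 wins even though the client's own list puts the ECDSA certificate first; a client that ignored supported_signature_algorithms and sent its first certificate could end up signing the CertificateVerify with a pair the server rejects.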

More information about the Gnutls-devel mailing list