[gnutls-devel] RSA vs. DHE-RSA with default priority string

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun May 24 18:34:23 CEST 2015


On Sun, 2015-05-24 at 12:12 -0400, Armin Burgmeier wrote:
> Hi,
> 
> I have a server [0] which allows use of DHE-RSA but does not enforce it.
> It does not support any ECC, though.
> 
> When connecting with gnutls-cli from master (and 3.3), it chooses RSA
> key exchange instead of DHE-RSA. I only get DHE-RSA when I specify
> --priority=PFS.

The priorities were adjusted for DHE to be in the end of the list
sometime during the 3.x branch because of the compatibility issues these
ciphersuites have. That is if as a client you connect to a server which
presents inadequate length of prime the handshake would fail (as seen in
http://www.gnutls.org/faq.html#prime-not-acceptable ).

There is no way to avoid that, thus the solution was to move DHE in the
end of the list by the time we had reliable ECDHE support. Said that, if
you want to prioritize DHE over RSA you can do:
"PFS:+RSA", or "NORMAL:-RSA:+RSA"

regards,
Nikos





More information about the Gnutls-devel mailing list