[gnutls-devel] RSA vs. DHE-RSA with default priority string

Armin Burgmeier armin at arbur.net
Sun May 24 18:47:41 CEST 2015


On Sun, 2015-05-24 at 18:34 +0200, Nikos Mavrogiannopoulos wrote:
> On Sun, 2015-05-24 at 12:12 -0400, Armin Burgmeier wrote:
> > Hi,
> > 
> > I have a server [0] which allows use of DHE-RSA but does not enforce it.
> > It does not support any ECC, though.
> > 
> > When connecting with gnutls-cli from master (and 3.3), it chooses RSA
> > key exchange instead of DHE-RSA. I only get DHE-RSA when I specify
> > --priority=PFS.
> 
> The priorities were adjusted for DHE to be in the end of the list
> sometime during the 3.x branch because of the compatibility issues these
> ciphersuites have. That is if as a client you connect to a server which
> presents inadequate length of prime the handshake would fail (as seen in
> http://www.gnutls.org/faq.html#prime-not-acceptable ).
> 
> There is no way to avoid that, thus the solution was to move DHE in the
> end of the list by the time we had reliable ECDHE support. Said that, if
> you want to prioritize DHE over RSA you can do:
> "PFS:+RSA", or "NORMAL:-RSA:+RSA"

Thanks for the explanation and the suggestions! I'll go with that.

Armin




More information about the Gnutls-devel mailing list