[gnutls-devel] GnuTLS | Add GOST-CNT ciphersuite support (!1119)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed Nov 20 16:29:34 CET 2019




Dmitry Eremin-Solenikov commented on a discussion on lib/priority.c: https://gitlab.com/gnutls/gnutls/merge_requests/1119#note_247928039

>  #endif
>  #ifdef ENABLE_DHE
>  	GNUTLS_KX_DHE_RSA,
> +#endif
> +#ifdef ENABLE_GOST
> +	GNUTLS_KX_VKO_GOST_12,

@nmav current design proposal:

`enable-gost-tls12` would control if 'NORMAL' will point to GOST-enable or GOST-disabled KX list. This would allow one to use this option in the config file or to override it manually via priorities. Optional item: add function call to override this option.

Alernative proposal (since for TLS 1.3 we will use ecdhe instead of VKO):

`enable-gost-tls` option that controls cipher lists in the same way.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/1119#note_247928039
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20191120/4f3a4b39/attachment-0001.html>


More information about the Gnutls-devel mailing list