[gnutls-devel] GnuTLS | ALPN issue (#951)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Tue Mar 10 21:29:33 CET 2020

Nikos Mavrogiannopoulos commented:

This sounds to me like a middleware bug here. The hello that works has smaller size than the hello that doesn't due to less ciphersuites being enabled. You may want to disable ciphersuites in your priority string to work-around the problem (e.g., "-DHE-RSA:-DHE-DSS" and other options based on what you see on wireshark).

Not sure gnutls can do more in working around the middleware (though if you use the latest versions in 3.6.x branch they enable much less ciphersuites than earlier versions). I'm closing this but please feel free to re-open if you still believe the issue is in gnutls.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/951#note_302752913
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200310/3ed25c3b/attachment-0001.html>

More information about the Gnutls-devel mailing list