fweimer at bfk.de
Wed Jan 4 17:07:14 CET 2012
* Nikos Mavrogiannopoulos:
> ** libgnutls: Added new priority string %SERVER_PRECEDENCE, which
> changes the ciphersuite selection procedure. If specified the server
> priorities will be used for selection instead of the client's.
Is it true that without %SERVER_PRECEDENCE (and in earlier versions),
the GNUTLS client only looks at its own cipher list, and does not
restrict itself to the intersection of its own suites and that provided
by the server?
We're seeing interop issues with a TLSv1.2 server which advertises are
fairly restricted list of cipher suites.
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the Gnutls-help