gnutls 3.0.9

Nikos Mavrogiannopoulos nmav at
Wed Jan 4 17:33:55 CET 2012

On 01/04/2012 05:07 PM, Florian Weimer wrote:

> * Nikos Mavrogiannopoulos:
>> ** libgnutls: Added new priority string %SERVER_PRECEDENCE, which
>> changes the ciphersuite selection procedure. If specified the server
>> priorities will be used for selection instead of the client's.
> Is it true that without %SERVER_PRECEDENCE (and in earlier versions),
> the GNUTLS client only looks at its own cipher list, and does not
> restrict itself to the intersection of its own suites and that provided
> by the server?

%SERVER_PRECEDENCE has no effect if given in client side. It affects how the server selects the ciphersuite from the common supported.

> We're seeing interop issues with a TLSv1.2 server which advertises are
> fairly restricted list of cipher suites.

What do you see?


More information about the Gnutls-help mailing list