GnuTLS/NSS interop in Exim 4.80 RC

Nikos Mavrogiannopoulos nmav at
Tue May 22 11:23:20 CEST 2012

On Tue, May 22, 2012 at 11:15 AM, Patrick Pelletier
<code at> wrote:

> It almost seems like a new TLS extension should be proposed, where the
> client can tell the server how many bits of DH it is willing to accept.
>  (Similar in spirit, although simpler than, the extension used to negotiate
> curves for elliptic curve.)  If the client sends the extension, then the
> server can know with confidence what size of DH params are acceptable.  If
> the client doesn't send the extension, the server can make a conservative
> assumption.  (Probably 2236 bits.)

Such an extension would be useful, as it could be used to communicate
the DH exponent size which now is only known to the server. That would
also optimize the key exchange. However I doubt that the WG would
accept such a modification (most probably such a proposal will be
answered with why don't you use ECDH?).


More information about the Gnutls-help mailing list