GnuTLS/NSS interop in Exim 4.80 RC
Janne Snabb
snabb at epipe.com
Fri May 25 19:22:30 CEST 2012
On Mon, 21 May 2012, Phil Pennock wrote:
> NSS limit is 2236 bits.
Just a brief update on this in case someone is interested:
It appears that this limit has been already increased to 3072 bits in
the latest NSS release 3.13.4. See the diff at:
http://bonsai.mozilla.org/cvsview2.cgi?diff_mode=context&whitespace_mode=show&file=blapit.h&branch=&root=/cvsroot&subdir=mozilla/security/nss/lib/freebl&command=DIFF_FRAMESET&rev1=1.25&rev2=1.26
Thus we should be soon starting to see NSS based clients which can
negotiate DHE-RSA with GnuTLS at "NORMAL" security level.
Now they are planning to increase the limit to 16k in the next NSS
release 3.13.5. See the latest update of the NSS bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=636802
After that has been completed, NSS clients should be able to do DHE
(but probably not RSA) with GnuTLS server at all security levels.
--
Janne Snabb / EPIPE Communications
snabb at epipe.com - http://epipe.com/
More information about the Gnutls-help
mailing list