[gnutls-help] gnutls_dh_set_prime_bits question

[Nikos Mavrogiannopoulos]

On 07/02/2013 08:31 PM, Ted Zlatanov wrote:

> I think negotiating the connection twice is unacceptable for
> performance.  We have to find a way to do it in one attempt, even if the
> user has to configure something about the exceptional servers.  Can we
> always try ECDHE and only do DHE if the user tells us so?

Hello,
 You can always disable DHE. That way ECDHE will be negotiated with RSA
as fallback.

regards,
Nikos