[gnutls-help] User-level visibility of GnuTLS security and tuning

Nikos Mavrogiannopoulos nmav at gnutls.org
Tue Dec 9 17:25:28 CET 2014


On Mon, Dec 8, 2014 at 7:49 PM, Ted Zlatanov <tzz at lifelogs.com> wrote:
> Some other browsers are discussing switching off "weak" encryption in
> one form or another.  I don't think that's a good idea, because
> sometimes you want to visit web sites and don't care whether they use
> "good" encryption or not.
> But it might make sense to warn users that this is happening.  Perhaps
> by default, perhaps only if they have switched to `high' security.
>
> Candidates for these warnings would be
>
> * low prime-bits used in the Diffie-Hellman handshake
> * SSL1, SSL2 and SSL3

If the code is gnutls, it only supports SSL 3.0 or later (btw, there
is no SSL 1.0). I'd warn on TLS 1.0 (inclusive, due to the BEAST attack)
and earlier.

> Can anybody think of anything else that's considered "weak" these days?
> Perhaps it might make sense to allow users to specify high-grained
> security policies?

I think a good approach is to define a few understandable policies.
Fedora for example provides LEGACY, DEFAULT and FUTURE. The idea is
that legacy would work with any server providing something better than
plaintext, default a reasonable security level for today's metrics,
and future is a security level with the state of the art encryption
requirements of today.
You may get inspired by the gnutls settings for them:
https://github.com/nmav/fedora-crypto-policies/tree/master/profiles


regards,
Nikos
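
The policy idea discussed in this message, as an added example (not code from the thread, from GnuTLS, or from Fedora): a small evaluator that turns a negotiated protocol version and DH prime size into warnings under a named policy. The policy names come from the message; the protocol floors and DH bit thresholds are illustrative assumptions, not Fedora's actual profile values, and `tls_warnings` is a hypothetical helper.

```c
#include <stdio.h>

/* Protocol versions GnuTLS could negotiate at the time, oldest first. */
enum proto { PROTO_SSL3, PROTO_TLS1_0, PROTO_TLS1_1, PROTO_TLS1_2 };
/* Policy names are from the message; the numbers below are assumptions. */
enum policy { POLICY_LEGACY, POLICY_DEFAULT, POLICY_FUTURE };
enum { WARN_OLD_PROTOCOL = 1, WARN_WEAK_DH = 2 };   /* bitmask flags */

struct rule { enum proto min_version; unsigned min_dh_bits; };

static const struct rule rules[] = {
    [POLICY_LEGACY]  = { PROTO_SSL3,   0    }, /* anything beyond plaintext */
    [POLICY_DEFAULT] = { PROTO_TLS1_1, 1024 }, /* warn on TLS 1.0 and older */
    [POLICY_FUTURE]  = { PROTO_TLS1_2, 2048 },
};

/* version: what a GnuTLS client reads via gnutls_protocol_get_version().
 * dh_bits: what it reads via gnutls_dh_get_prime_bits(); here 0 means the
 * key exchange was not Diffie-Hellman, so no DH warning applies. */
unsigned tls_warnings(enum policy p, enum proto version, unsigned dh_bits)
{
    unsigned w = 0;
    if (version < rules[p].min_version)
        w |= WARN_OLD_PROTOCOL;
    if (dh_bits != 0 && dh_bits < rules[p].min_dh_bits)
        w |= WARN_WEAK_DH;
    return w;
}

int main(void)
{
    static const char *pname[] = { "LEGACY", "DEFAULT", "FUTURE" };
    /* Constructed sample sessions: {version, DH prime bits}. */
    static const struct { enum proto v; unsigned bits; } s[] = {
        { PROTO_TLS1_0, 1024 }, { PROTO_TLS1_2, 768 }, { PROTO_TLS1_2, 0 },
    };
    for (int p = POLICY_LEGACY; p <= POLICY_FUTURE; p++)
        for (size_t i = 0; i < sizeof s / sizeof s[0]; i++) {
            unsigned w = tls_warnings((enum policy)p, s[i].v, s[i].bits);
            printf("%-7s session %zu:%s%s%s\n", pname[p], i,
                   w & WARN_OLD_PROTOCOL ? " old-protocol" : "",
                   w & WARN_WEAK_DH ? " weak-dh" : "", w ? "" : " ok");
        }
    return 0;
}
```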


