[gnutls-help] gnutls_dh_set_prime_bits question

Ted Zlatanov tzz at lifelogs.com
Mon Feb 10 00:22:26 CET 2014


On Fri, 03 Jan 2014 21:54:39 +0100 Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote: 

NM> On 01/03/2014 09:29 PM, Ted Zlatanov wrote:
>> On Sun, 22 Dec 2013 09:05:12 +0100 Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote: 
>> 
>>>> I was about to submit a patch against the manual based on this e-mail
>>>> from July and wanted to quickly check if the answers to (1), (2), (3)
>>>> have changed (since I know there have been some issues with EC since
>>>> then).

I wrote a patch that tries to list all the things enabled for each
level and mentions how to disable DHE.

It could use a thorough check.  I did a lot of text editing by hand
because the command `gnutls-cli -l --priority NORMAL' doesn't seem to
differ from `gnutls-cli -l', so there's no way to tell what a priority
string triggers AFAICT except by looking at the code.

NM> What issues are you referring to?
>> 
>> I did not mean "some issues with EC" to mean GnuTLS specifically,
>> sorry if that was unclear.
>> 
>> I meant the backdoor in http://en.wikipedia.org/wiki/Dual_EC_DRBG and
>> AFAIK it doesn't affect GnuTLS, but I would expect users to be somewhat
>> paranoid about anything with "EC" in the name.  So we could amend the
>> answers to preempt the possible EC-related questions.  It's up to you if
>> you feel that's necessary.

NM> Indeed, I noticed that confusion too on various forums. For that topic
NM> it may be nice to have an answer in:
NM> http://www.gnutls.org/faq.html

NM> For modifying that you may want to check the web-pages branch of the
NM> gnutls repository.

I hope the answer in the patch attached here is not *too* brief :)

Thanks, and sorry for the delay with this...
Ted

-------------- next part --------------
A non-text attachment was scrubbed...
Name: gnutls-doc.patch
Type: text/x-diff
Size: 66623 bytes
Desc: not available
URL: </pipermail/attachments/20140209/03adfa82/attachment-0002.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gnutls-faq.patch
Type: text/x-diff
Size: 488 bytes
Desc: not available
URL: </pipermail/attachments/20140209/03adfa82/attachment-0003.patch>

