[gnutls-help] Is AES GCM only in TLS1.2 ?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu May 28 00:37:32 CEST 2015
On Wed 2015-05-27 16:35:52 -0400, jonetsu wrote:
> The output of the cipher listing, in FIPS mode, filtered for TLS1.2, gives:
>
> % gnutls-cli -l --priority NORMAL | grep 1.2
>
> TLS_ECDHE_ECDSA_AES_128_GCM_SHA256
> TLS_ECDHE_ECDSA_AES_256_GCM_SHA384
> TLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256
> TLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384
> [...]
It appears you've trimmed the right-hand side of this transcript, where
TLS1.2 actually appears.
> Only GCM variation of AES. Why is GCM the only available AES variation in TLS1.2 ?
I think you're misunderstanding the output of gnutls-cli -l, which looks
like this:
TLS_ECDHE_ECDSA_AES_128_GCM_SHA256 0xc0, 0x2b TLS1.2
I think this line says that the TLS_ECDHE_ECDSA_AES_128_GCM_SHA256
ciphersuite is only available for TLS 1.2 and higher (because that is
when it was introduced).
You'll note that no ciphersuites are listed with a "TLS1.1" label,
despite the fact that GnuTLS will connect to a peer that only handles
TLS 1.1.
Similarly, there are ciphersuites marked with SSL3.0, despite the fact
that GnuTLS does not support SSLv3 any longer (SSLv3 is old and
known-broken[0]). These ciphersuites are listed that way because that's
the protocol version in which they were introduced.
hth,
--dkg
[0] https://tools.ietf.org/html/draft-ietf-tls-sslv3-diediedie-03
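The listing format dkg describes, parsed and filtered the way the original question intended; this is an added example, not code from the thread or from GnuTLS. It treats a suite's version label as the protocol version in which it was introduced (its minimum), so "usable at TLS1.2" includes suites labelled SSL3.0, whereas `grep 1.2` only shows suites introduced in 1.2. The sample listing lines are constructed in the `gnutls-cli -l` format rather than captured.

```python
import re
from typing import NamedTuple

# Protocol versions in the order gnutls-cli -l uses them; a suite labelled
# with version V was introduced at V and is negotiable at V and later.
VERSION_ORDER = ["SSL3.0", "TLS1.0", "TLS1.1", "TLS1.2"]


class Suite(NamedTuple):
    name: str
    code: bytes        # the two-byte ciphersuite id, e.g. b"\xc0\x2b"
    introduced: str    # version label printed by gnutls-cli -l


# One listing line: name, "0xHH, 0xHH", version label (whitespace separated).
LINE_RE = re.compile(
    r"^(?P<name>TLS_\S+)\s+0x(?P<b1>[0-9a-fA-F]{2}),\s*0x(?P<b2>[0-9a-fA-F]{2})"
    r"\s+(?P<ver>(?:SSL|TLS)\d\.\d)\s*$"
)


def parse_listing(text):
    """Parse ciphersuite lines of gnutls-cli -l output; other lines are skipped."""
    suites = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            code = bytes((int(m["b1"], 16), int(m["b2"], 16)))
            suites.append(Suite(m["name"], code, m["ver"]))
    return suites


def introduced_at(suites, version):
    """What `grep 1.2` effectively shows: suites whose label is exactly `version`."""
    return [s.name for s in suites if s.introduced == version]


def usable_at(suites, version):
    """Suites negotiable at `version`: those introduced at or before it."""
    rank = VERSION_ORDER.index(version)
    return [s.name for s in suites if VERSION_ORDER.index(s.introduced) <= rank]


# Constructed sample in the gnutls-cli -l line format (not a real capture).
SAMPLE = """\
Cipher suites:
TLS_ECDHE_ECDSA_AES_128_GCM_SHA256       0xc0, 0x2b      TLS1.2
TLS_ECDHE_ECDSA_AES_256_GCM_SHA384       0xc0, 0x2c      TLS1.2
TLS_DHE_RSA_AES_128_CBC_SHA256           0x00, 0x67      TLS1.2
TLS_RSA_AES_128_CBC_SHA1                 0x00, 0x2f      SSL3.0
"""

if __name__ == "__main__":
    suites = parse_listing(SAMPLE)
    print("introduced at TLS1.2:", introduced_at(suites, "TLS1.2"))
    print("usable at TLS1.2:    ", usable_at(suites, "TLS1.2"))
```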