From Massimo.Miletto at gru.bitron-ind.com  Thu Oct  7 13:50:52 2021
From: Massimo.Miletto at gru.bitron-ind.com (Miletto Massimo)
Date: Thu, 7 Oct 2021 11:50:52 +0000
Subject: [gnutls-help] OCSP protocol using GnuTLS
Message-ID: <3fd9ee8752944c9d9488fddffad64b45@gru.bitron-ind.com>

CONFIDENTIALITY |Internal | Confidential | Restricted |

Hello everyone,

We are developing a client service that comunicate with a server.
To validate the certificate we have to develop the OCSP protocol.
We are using an embedded 32 bit microcontroller with FREERTOS. The program language is C.

I have seen that the gnutls-3.6.16 manages the OCSP protocol.
I have the following questions:
1 - Is it necessary install all the library to use only the OCSP functionality?
2 - I have tried to run the ./configure from the cmd.exe but it doesn't work. Have you any suggestions?
3 - The OCSP functionality will be integrated in a commerical software. Is it necessary a commercial license?

Thanks
Massimo Miletto
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20211007/f45cd652/attachment.html>

From teo.en.ming at protonmail.com  Sat Oct 16 09:47:10 2021
From: teo.en.ming at protonmail.com (Turritopsis Dohrnii Teo En Ming)
Date: Sat, 16 Oct 2021 07:47:10 +0000
Subject: [gnutls-help] How do I use the GnuTLS Transport Layer Security
 Secure Communications Library on Linux and Windows desktops?
Message-ID: <CSAhPrGc-f27wWSF-zih9Ir0_BLKb6yW9Nq-SaTcizYBoGkjonE-3M919NJbVJq_207Dh3pEleg5Gs_oL83qwFndwmDA9PF6CEglQH0DX_s=@protonmail.com>

Subject: How do I use the GnuTLS Transport Layer Security Secure Communications Library on Linux and Windows desktops?

Good day from Singapore,

How do I use the GnuTLS Transport Layer Security Secure Communications Library on Linux and Windows desktops?

I am very interested in the secure communications library and cryptography.

On the Overview page on your official website at https://gnutls.org/index.html, it says:

[QUOTE]

Welcome to GnuTLS project pages

Overview
========

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, and other required structures.

The project strives to provide a secure communications back-end, simple to use and integrated with the rest of the base Linux libraries. A back-end designed to work and be secure out of the box, keeping the complexity of TLS and PKI out of application code.

Features
========

Support for TLS 1.3, 1.2, 1.1, 1.0 protocols, and (optionally) SSL 3.0
Support for DTLS 1.2, and DTLS 1.0, protocols
Support for certificate path validation, as well as DANE and trust on first use.
Support for the Online Certificate Status Protocol (OCSP).
Support for public key methods, including RSA and Elliptic curves, as well as password and key authentication methods such as SRP and PSK protocols.
Support for all the strong encryption algorithms, including AES and Camellia.
Support for CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
Support for cryptographic accelerator drivers via /dev/crypto.
Supports natively HSMs and cryptographic tokens, via PKCS #11 and the Trusted Platform Module (TPM).
Runs on most Unix platforms and Windows.

License
=======

The core library licensed under the GNU Lesser General Public License version 2.1 (LGPLv2.1+). The LGPL license is compatible with a wide range of free licenses, and even permit you to use GnuTLS in non-free proprietary programs.

Documentation:
You can obtain GnuTLS' manual at lulu.com or download any of the electronic formats.

For more information on GnuTLS features, see the wikipedia article comparing different TLS implementations.

[/QUOTE]

I am looking forward to your reply.

Thank you very much.

Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 16 Oct 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a Systems Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.

-----BEGIN EMAIL SIGNATURE-----

The Gospel for all Targeted Individuals (TIs):

[The New York Times] Microwave Weapons Are Prime Suspect in Ills of U.S. Embassy Workers

Link:
https://www.nytimes.com/2018/09/01/science/sonic-attack-cuba-microwave.html

********************************************************************************************

Singaporean Targeted Individual Mr. Turritopsis Dohrnii Teo En Ming's Academic Qualifications as at 14 Feb 2019 and refugee seeking attempts at the United Nations Refugee Agency Bangkok (21 Mar 2017), in Taiwan (5 Aug 2019) and Australia (25 Dec 2019 to 9 Jan 2020):

[1]
https://tdtemcerts.wordpress.com/

[2]
https://tdtemcerts.blogspot.sg/

[3]
https://www.scribd.com/user/270125049/Teo-En-Ming

-----END EMAIL SIGNATURE-----

Sent with [ProtonMail](https://protonmail.com/) Secure Email.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20211016/cd2385bd/attachment-0001.html>

From teo.en.ming at protonmail.com  Sat Oct 16 10:33:41 2021
From: teo.en.ming at protonmail.com (Turritopsis Dohrnii Teo En Ming)
Date: Sat, 16 Oct 2021 08:33:41 +0000
Subject: [gnutls-help] How do I use the GnuTLS Transport Layer Security
 Secure Communications Library on Linux and Windows desktops?
In-Reply-To: <YWqLTQpKVpP5WP/6@nic.fr>
References: <CSAhPrGc-f27wWSF-zih9Ir0_BLKb6yW9Nq-SaTcizYBoGkjonE-3M919NJbVJq_207Dh3pEleg5Gs_oL83qwFndwmDA9PF6CEglQH0DX_s=@protonmail.com>
 <YWqLTQpKVpP5WP/6@nic.fr>
Message-ID: <NB6dn6vlIwi5q9bZmQIjNaVJHlsUWOxc8aR-ezlQPwJ0ULJoC--1KMYbVGUeDtiBu6ndj5qbtgxOdU_QnZoZO5qAWd4zo9Etmq4Phnza1OY=@protonmail.com>

Dear Stephane Bortzmeyer,

Thank you for your reply.

I will read through the documentation.

If I have further questions, I will ask again.

Regards,

Mr. Turritopsis Dohrnii Teo En Ming
Targeted Individual in Singapore



??????? Original Message ???????

On Saturday, October 16th, 2021 at 4:20 PM, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:

> On Sat, Oct 16, 2021 at 07:47:10AM +0000,
>
> Turritopsis Dohrnii Teo En Ming teo.en.ming at protonmail.com wrote
>
> a message of 191 lines which said:
>
> > Subject: How do I use the GnuTLS Transport Layer Security Secure
> >
> > Communications Library on Linux and Windows desktops?
>
> I assume you already installed it ("Linux", as you know, is not an
>
> operating system, just a kernel, so the installation of the package
>
> will depend on your specific operating system; on Debian, 'apt install
>
> libgnutls28-dev' will do the job).
>
> To now use the library, the documentation is here:
>
> https://gnutls.org/manual/html_node/How-to-use-GnuTLS-in-applications.html#How-to-use-GnuTLS-in-applications
>
> I attach a very simple C program to connect to a TLS server, to help
>
> you start. I compiled it on Debian with 'cc -I/usr/include/p11-kit-1
>
> -Wall -Wextra -o test test.c -lgnutls'.
>
> [I cannot help for MS Windows, I don't know it enough.]


From bortzmeyer at nic.fr  Sat Oct 16 10:20:29 2021
From: bortzmeyer at nic.fr (Stephane Bortzmeyer)
Date: Sat, 16 Oct 2021 10:20:29 +0200
Subject: [gnutls-help] How do I use the GnuTLS Transport Layer Security
 Secure Communications Library on Linux and Windows desktops?
In-Reply-To: <CSAhPrGc-f27wWSF-zih9Ir0_BLKb6yW9Nq-SaTcizYBoGkjonE-3M919NJbVJq_207Dh3pEleg5Gs_oL83qwFndwmDA9PF6CEglQH0DX_s=@protonmail.com>
References: <CSAhPrGc-f27wWSF-zih9Ir0_BLKb6yW9Nq-SaTcizYBoGkjonE-3M919NJbVJq_207Dh3pEleg5Gs_oL83qwFndwmDA9PF6CEglQH0DX_s=@protonmail.com>
Message-ID: <YWqLTQpKVpP5WP/6@nic.fr>

On Sat, Oct 16, 2021 at 07:47:10AM +0000,
 Turritopsis Dohrnii Teo En Ming <teo.en.ming at protonmail.com> wrote 
 a message of 191 lines which said:

> Subject: How do I use the GnuTLS Transport Layer Security Secure
> Communications Library on Linux and Windows desktops?

I assume you already installed it ("Linux", as you know, is not an
operating system, just a kernel, so the installation of the package
will depend on your specific operating system; on Debian, 'apt install
libgnutls28-dev' will do the job).

To now use the library, the documentation is here:
https://gnutls.org/manual/html_node/How-to-use-GnuTLS-in-applications.html#How-to-use-GnuTLS-in-applications

I attach a very simple C program to connect to a TLS server, to help
you start. I compiled it on Debian with 'cc -I/usr/include/p11-kit-1
-Wall -Wextra -o test test.c -lgnutls'.

[I cannot help for MS Windows, I don't know it enough.]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test.c
Type: text/x-csrc
Size: 4392 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20211016/da424dc5/attachment.c>

From jgh at wizmail.org  Sun Oct 24 11:58:41 2021
From: jgh at wizmail.org (Jeremy Harris)
Date: Sun, 24 Oct 2021 10:58:41 +0100
Subject: [gnutls-help] DH params
Message-ID: <b5e8af4a-bb9d-15f6-1b48-27e2a790c103@wizmail.org>

Could someone give an opinion on
https://gitlab.com/gnutls/gnutls/-/issues/1077 ?

The current situation seems to be that the GnuTLS documentation
is just plain wrong (and needs fixing).  But it's also possible
that this is a bug in the implementation; that the documented action
was intended but never committed, or got lost.


(problem still present in 3.6.16 - having been noted in that
gitlab issue for 3.6.14)
-- 
Thanks,
   Jeremy  (as a mainter of the Exim MTA)