[mod_gnutls-devel] Does mod-gnutls supports GCM mode?

Nikos Mavrogiannopoulos nmav at gnutls.org
Sat Nov 1 08:31:34 CET 2014


On Fri, 2014-10-31 at 23:59 +0100, Peter Ulber wrote:
> Hi,
> I tried hard to find suitable priority strings for my web server, using
> - debian wheezy 7.6 
> - apache 2.2.22
> - gnutls 3.3.7
> - mod-gnutls 0.5.10
> For TLS 1.2 I wanted to use GCM instead of CBC, but it seems that
> mod-gnutls doesn't support that. It would be nice having it :)
> Additionally it's hard to find out what priority strings are actually
> supported. I looked it up here:

I don't know whether there are restrictions on the priority strings used
by mod_gnutls, but if you can freely select gnutls' strings, an
equivalent to what you had is the following:
"NORMAL:-VERS-SSL3.0:-RSA:-ARCFOUR-128:-SIGN-RSA-SHA1:-SIGN-ECDSA-SHA1:-SIGN-DSA-SHA1:%SERVER_PRECEDENCE"

You can always see what a string enables using:
gnutls-cli -l --priority "xxx"

The string above would prioritize GCM over CBC for clients that support
it, and it will follow gnutls' defaults, which may change if some other
prioritization is needed due to a new attack.

The difference from what you have is that it enables everything known
to be secure and disables the algorithms known to be insecure. For
example, your string disabled signing with SHA224, SHA384 and SHA512, as
well as elliptic curves, and there is no security reason for that.

Also beware that you shouldn't add -SIGN-RSA-SHA1 if your certificate is
signed with SHA1. It could cause issues for clients that strictly follow
the protocol (and it is pointless anyway, as SHA1 remains the weakest link).

regards,
Nikos
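As an added illustration (not code from gnutls or mod_gnutls, and not part of the mail above), the following Python script models how a priority string like the one Nikos suggests is expanded: a base keyword, then ":"-separated "+ALG", "-ALG"/"!ALG" and "%OPTION" modifiers. The NORMAL catalog inside it is a constructed, partial approximation of what the keyword covered around gnutls 3.3; the authoritative expansion of any string is what `gnutls-cli -l --priority "..."` prints. It also turns the SHA1-certificate caveat into a check, taking the certificate's signature algorithm as an OpenSSL-style name (an assumed input format).

```python
"""Toy evaluator for GnuTLS priority strings (added example, not gnutls code).

NORMAL below is a constructed, partial snapshot; the real expansion
of a string comes from `gnutls-cli -l --priority "..."`.
"""

# Constructed, partial catalog (assumption: not the real NORMAL table).
# Lists are in preference order, GCM ahead of CBC as the mail says.
NORMAL = {
    "protocols": ["VERS-TLS1.2", "VERS-TLS1.1", "VERS-TLS1.0", "VERS-SSL3.0"],
    "kx": ["ECDHE-RSA", "ECDHE-ECDSA", "DHE-RSA", "DHE-DSS", "RSA"],
    "ciphers": ["AES-128-GCM", "AES-256-GCM", "AES-128-CBC", "AES-256-CBC",
                "ARCFOUR-128", "3DES-CBC"],
    "signatures": ["SIGN-RSA-SHA256", "SIGN-RSA-SHA384", "SIGN-RSA-SHA512",
                   "SIGN-RSA-SHA1", "SIGN-ECDSA-SHA256", "SIGN-ECDSA-SHA1",
                   "SIGN-DSA-SHA1"],
}
KEYWORDS = {"NORMAL": NORMAL}
KX_NAMES = {"RSA", "DHE-RSA", "DHE-DSS", "ECDHE-RSA", "ECDHE-ECDSA"}

# The string suggested in the mail.
RECOMMENDED = ("NORMAL:-VERS-SSL3.0:-RSA:-ARCFOUR-128:-SIGN-RSA-SHA1:"
               "-SIGN-ECDSA-SHA1:-SIGN-DSA-SHA1:%SERVER_PRECEDENCE")

# OpenSSL signature-algorithm names -> gnutls SIGN- token the server must
# keep enabled to present such a certificate to strict clients (assumed map).
CERT_SIG_TOKEN = {
    "sha1WithRSAEncryption": "SIGN-RSA-SHA1",
    "ecdsa-with-SHA1": "SIGN-ECDSA-SHA1",
    "dsaWithSHA1": "SIGN-DSA-SHA1",
}


def _category(name):
    """Map a token to the catalog list it acts on."""
    if name.startswith("VERS-"):
        return "protocols"
    if name.startswith("SIGN-"):
        return "signatures"
    if name in KX_NAMES:
        return "kx"
    return "ciphers"


def resolve(priority):
    """Expand a priority string into ({category: [enabled...]}, {options})."""
    parts = priority.split(":")
    base = KEYWORDS.get(parts[0])
    if base is None:
        raise ValueError("keyword %r not in the toy catalog" % parts[0])
    enabled = {cat: list(algs) for cat, algs in base.items()}
    options = set()
    for token in parts[1:]:
        if not token:
            continue
        op, name = token[0], token[1:]
        if op == "%":                      # %OPTION sets a flag
            options.add(name)
        elif op in "-!":                   # -ALG / !ALG remove
            lst = enabled[_category(name)]
            if name in lst:
                lst.remove(name)
        elif op == "+":                    # +ALG appends at lowest priority
            lst = enabled[_category(name)]
            if name not in lst:
                lst.append(name)
        else:
            raise ValueError("bad modifier in token %r" % token)
    return enabled, options


def disabled_relative_to_keyword(priority):
    """Catalog entries the string removes from its base keyword."""
    base = KEYWORDS[priority.split(":")[0]]
    enabled, _ = resolve(priority)
    return sorted(a for cat, algs in base.items() for a in algs
                  if a not in enabled[cat])


def sha1_cert_conflict(priority, cert_sig_alg):
    """True if the string disables the SIGN- algorithm the server's own
    certificate is signed with (the caveat at the end of the mail)."""
    needed = CERT_SIG_TOKEN.get(cert_sig_alg)
    if needed is None:
        return False
    enabled, _ = resolve(priority)
    return needed not in enabled["signatures"]


if __name__ == "__main__":
    enabled, options = resolve(RECOMMENDED)
    for cat, algs in enabled.items():
        print("%-11s %s" % (cat + ":", " ".join(algs)))
    print("options:    ", " ".join(sorted(options)))
    print("removed:    ", " ".join(disabled_relative_to_keyword(RECOMMENDED)))
    # Constructed input; in practice read it from
    # `openssl x509 -noout -text -in server.crt | grep 'Signature Algorithm'`
    print("SHA1-cert conflict:", sha1_cert_conflict(RECOMMENDED, "sha1WithRSAEncryption"))
```

The script stands in for reading the real expansion: before deploying a string, compare what this toy reports against `gnutls-cli -l --priority "..."` on the server's own gnutls version, and run `sha1_cert_conflict` (or the equivalent manual check) whenever a string drops a SIGN- algorithm, since the conflict it flags is exactly the SHA1-certificate case the mail warns about.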