GnuTLS 2.3.4.netconf.2

Simon Josefsson simon at josefsson.org
Wed Jun 4 08:16:25 CEST 2008


There is a branch 'gnutls_with_netconf' for the goal of implementing
support for Netconf over TLS-PSK as per this IETF draft:
<http://tools.ietf.org/html/draft-ietf-netconf-tls>.

This is the third release from this branch, and it adds support for
sending the psk_identity_hint in the server and enhanced documentation
on how to use the new features.

The branch is currently based on gnutls 2.3.4, which explains the
version numbers in the tar archive filename.

The goal is to merge this with the development branch eventually.

Here are the compressed sources:
  http://alpha.gnu.org/gnu/gnutls/gnutls-2.3.4.netconf.2.tar.bz2
  ftp://alpha.gnu.org/gnu/gnutls/gnutls-2.3.4.netconf.2.tar.bz2

Happy hacking,
Simon

* Version 2.3.4.netconf.2 (released 2008-06-04)

** libgnutls [PSK]: New API to retrieve PSK identity hint in client.
The function is gnutls_psk_client_get_hint.

** libgnutls [PSK]: New API to set PSK identity hint in server.
The function is gnutls_psk_set_server_credentials_hint.

** libgnutls [PSK]: Will send server key exchange with PSK identity hint.
The message is sent if the application has specified a PSK identity
hint using gnutls_psk_set_server_credentials_hint.

** psktool: Support new --netconf-hint to generate PSK key from password.
Uses the Netconf algorithm to derive PSK key from password.

** gnutls-serv: Support new --pskhint parameter to set PSK identity hint.

** gnutls-cli: Always support PSK modes, through a callback.
The callback will derive a PSK key using Netconf algorithm.  It will
print the PSK identity hint to help the user.

** API and ABI modifications:
gnutls_psk_client_get_hint: ADDED.
gnutls_psk_set_server_credentials_hint: ADDED.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 419 bytes
Desc: not available
URL: </pipermail/attachments/20080604/cf354ee3/attachment.pgp>


More information about the Gnutls-devel mailing list