Poll: What do you want to see implemented in GnuTLS next?

[Simon Josefsson]

Daiki Ueno <ueno at unixuser.org> writes:

>> Finishing the TLS 1.2 support and adding the new cipher suites is a
>> high-priority task and it shouldn't be too difficult since there are TLS
>> 1.2 test servers out there to test with.
>
> Thanks for the hint.  I'll check which features of TLS 1.2 are not
> implemented.  Adding HMAC-SHA256 cipher suites looks one thing to do.

Actually TLS 1.2 is not working in GnuTLS now, the drafts changed how
the negotiation worked after I implemented it and I never found time to
update it to support the protocol defined by the final RFC.  I don't
expect finishing this would require major changes, so it would be a
great contribution to finish the TLS 1.2 support.  Definitely adding
SHA256 ciphers would be good.

Reading doc/TODO I couldn't find any other easily identifiable task that
is more important except possibly DTLS support (but Jonathan is working
on that already).

Maybe we can turn this into an open poll.  What do people want to see
happen next?

AES-GCM cipher suites would be nice.  There is also the OCSP extension,
which would be fairly easy to add.

/Simon