GnuTLS 2.8.6 vs RFC 4346 stringent EXPORT cipher suites condition

Nikos Mavrogiannopoulos nmav at
Sat Mar 20 12:23:25 CET 2010

Adrian F. Dimcev wrote:
> Section A5:
> A series of cipher suites were designed to operate at reduced key
> lengths in order to comply with those regulations.  Due to advances in
> computer performance, these algorithms are now unacceptably weak, and
> export restrictions have since been loosened. TLS 1.1 implementations
> MUST NOT negotiate these cipher suites in TLS 1.1 mode. However, for
> backward compatibility they may be offered in the Client Hello for use
> with TLS 1.0 or SSLv3-only servers. TLS 1.1 clients MUST check that the
> server did not choose one of these cipher suites during the handshake. 
> These ciphersuites are listed below for informational purposes and to
> reserve the numbers.
> CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x03 };

Hello and thank you for the report. I have committed a fix in the
development version.


More information about the Gnutls-devel mailing list