TLS 1.2 Signature Algorithms ClientHello extension

Nikos Mavrogiannopoulos nmav at
Sat Dec 24 11:11:00 CET 2011

On Mon, Dec 19, 2011 at 10:19 PM, Heit, James R <James.Heit at> wrote:

> Hello,
> I have been working on the implementation of the TLS 1.2 protocol.  TLS
> 1.2 requires servers to handle the Signature Algorithms extension to the
> ClientHello handshake message.  My reading of RFC 5246 (
> indicates that if the client presents the extension (it can be omitted) it
> should include all hash/signature algorithm pairs the client is willing to
> process.  While running the latest version of FileZilla, which uses GnuTLS
> 2.10.4, the only proposed Signature Algorithm is {SHA512,RSA}.  If I stick
> with the RFC, the handshake will fail, as my {SHA1,RSA} signed certificate
> is not in the list.
> I’m not saying Microsoft is always right (in this case I think they are),
> but IE8/Win7 sends 7 Signature Algorithms in the extension:

This is a configuration issue. FileZilla for some reason unknown to me
only enables 256-bit ciphersuites and signature algorithms. If you use
gnutls-cli with your server you'll see that gnutls sends all options.
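
The server-side check discussed in this thread, as an added example that is not part of the original messages and is not GnuTLS code: it decodes the `signature_algorithms` extension data (hash and signature code points from RFC 5246, section 7.4.1.4.1) and tests whether a certificate's pair was offered. The function names and sample byte strings are constructed for illustration, and the omitted-extension default is simplified to a single `server_key_type` parameter.

```python
import struct

# Code points from RFC 5246, section 7.4.1.4.1.
HASHES = {0: "none", 1: "md5", 2: "sha1", 3: "sha224",
          4: "sha256", 5: "sha384", 6: "sha512"}
SIGS = {0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa"}


def parse_signature_algorithms(ext_data: bytes):
    """Decode signature_algorithms extension_data into (hash, signature) pairs."""
    if len(ext_data) < 2:
        raise ValueError("truncated extension: no vector length")
    (vec_len,) = struct.unpack_from("!H", ext_data, 0)
    body = ext_data[2:]
    # The vector must fill the extension exactly, be non-empty, and hold
    # whole 2-byte entries (one hash byte, one signature byte).
    if vec_len != len(body) or vec_len < 2 or vec_len % 2:
        raise ValueError("malformed supported_signature_algorithms vector")
    return [(HASHES.get(body[i], f"hash_{body[i]}"),
             SIGS.get(body[i + 1], f"sig_{body[i + 1]}"))
            for i in range(0, vec_len, 2)]


def offered_pairs(ext_data, server_key_type="rsa"):
    """Pairs the client accepts. ext_data=None means the extension was omitted."""
    if ext_data is None:
        # RFC 5246 default for an absent extension: SHA-1 with the signature
        # algorithm matching the server key (simplified here to one parameter).
        return [("sha1", server_key_type)]
    return parse_signature_algorithms(ext_data)


def cert_signature_acceptable(cert_pair, ext_data, server_key_type="rsa"):
    """True if the certificate's (hash, signature) pair is one the client offered."""
    return cert_pair in offered_pairs(ext_data, server_key_type)


# Constructed sample inputs (not captured from FileZilla or IE8).
ONLY_SHA512_RSA = bytes.fromhex("00020601")        # {sha512, rsa}
SHA256_AND_SHA1 = bytes.fromhex("000404010201")    # {sha256, rsa}, {sha1, rsa}

if __name__ == "__main__":
    for name, ext in [("sha512 only", ONLY_SHA512_RSA),
                      ("sha256 + sha1", SHA256_AND_SHA1),
                      ("extension omitted", None)]:
        ok = cert_signature_acceptable(("sha1", "rsa"), ext)
        print(f"{name:18} offers {offered_pairs(ext)} -> sha1/rsa cert ok: {ok}")
```

With the single-entry list, a {SHA1,RSA}-signed certificate is rejected; it is accepted when the pair is listed or when the extension is absent.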


More information about the Gnutls-devel mailing list