[sr #107623] Priority string "SECURITY256" seemingly no longer supports DSA keys

Nikos Mavrogiannopoulos INVALID.NOREPLY at gnu.org
Tue Mar 15 23:59:04 CET 2011

Update of sr #107623 (project gnutls):

                  Status:                    None => In Progress            
             Assigned to:                    None => nmav                   


Follow-up Comment #1:

 I've committed a fix that might solve your issue. The commit is at:

However some notes. Gnutls prefers openpgp keys to have a DSA or RSA subkey
(ELG is not supported by TLS and using the master key is not wise). Moreover
DSA keys of more than 1024 bits are not very well defined in the TLS protocol.
The missing parts are filled in by gnutls and thus might not interoperate
correctly with other implementations. If you want to be on the safe side
either use DSA-1024 or RSA of any size.

Please let me know if the patches solve your issue.


Reply to this item at:


  Message sent via/by Savannah

More information about the Gnutls-devel mailing list