[gnutls-devel] GnuTLS | certtool: --to-p12: use modern algorithms by default (!1499)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Mon Dec 20 18:06:28 CET 2021




Hubert Kario (@mention me if you need reply) commented:


r+ on changes, but I'd like to see a bit more testing.

First: just to double check, the addition of --with-pkcs12-iter-count=10000 in test scripts is just there to speed up CI?

Second, shouldn't we verify that 600000 is indeed the new default?
Third, what's the HMAC used for PBKDF2? Doesn't GnuTLS default to SHA1 there?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1499#note_790261803
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20211220/26cf1806/attachment.html>


More information about the Gnutls-devel mailing list