priority strings behavior
Nikos Mavrogiannopoulos
nmav at gnutls.org
Sat Jul 23 15:47:10 CEST 2011
On 07/05/2011 08:41 AM, ben thielsen wrote:
> hi-
>
> i'm experimenting a bit with setting specific priority strings.
> i've been reading some of the documentation, namely gnutls.pdf from
> http://www.gnu.org/software/gnutls/documentation.html and man 1
> gnutls-cli, but i think some of the nuances are escaping me. i get
> the feeling that specifying certain things [specifically, cipher
> suites] will inherently also enable other certain things - is this
> true? are the cipher suites just shorthand methods for enabling
> multiple other specific things at once? is there somewhere
> documented which settings turn on other settings, and what they are?
>
> more specifically, i'd like to enable only the following:
[...]
> ...it seems like there's some contradiction between the list of
> cipher suites and the list of MACs? i can somehow use sha512, but
> none of the cipher suites can?
Gnutls priority strings are flexible and might allow more combinations
than the actual ciphersuites. If you want to pick a specific set of
algorithms it is better to pick a ciphersuite and use the algorithms it
consists from.
regards,
Nikos
More information about the Gnutls-help
mailing list