gnutls 3.0.9

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed Jan 4 17:33:55 CET 2012


On 01/04/2012 05:07 PM, Florian Weimer wrote:

> * Nikos Mavrogiannopoulos:
> 
>> ** libgnutls: Added new priority string %SERVER_PRECEDENCE, which
>> changes the ciphersuite selection procedure. If specified the server
>> priorities will be used for selection instead of the client's.
> Is it true that without %SERVER_PRECEDENCE (and in earlier versions),
> the GNUTLS client only looks at its own cipher list, and does not
> restrict itself to the intersection of its own suites and that provided
> by the server?


%SERVER_PRECEDENCE has no effect if given in client side. It affects how the server selects the ciphersuite from the common supported.

> We're seeing interop issues with a TLSv1.2 server which advertises are
> fairly restricted list of cipher suites.


What do you see?

regards,
Nikos




More information about the Gnutls-help mailing list