[gnutls-help] gnutls_dh_set_prime_bits question
Ted Zlatanov
tzz at lifelogs.com
Thu Feb 13 15:02:25 CET 2014
On Wed, 12 Feb 2014 19:57:43 +0100 Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
NM> On 02/11/2014 03:33 PM, Ted Zlatanov wrote:
NM> On Mon, Feb 10, 2014 at 5:51 PM, Ted Zlatanov <tzz at lifelogs.com> wrote:
>>>> I didn't see that somehow build-aux/config.rpath got included in the
>>>> patch, which was already pretty long. Sorry about that.
>>
NM> There seems to be something wrong with the patch for documentation.
NM> There are duplicate sections (e.g. "Introduction to the library"), and
NM> it seems like it duplicates existing documention. Is that intentional?
>>
>> Ugh. I was editing the document and everything looked OK with `git
>> diff' but when I redirected it I caught some garbage in the patch. I'm
>> sorry about that, no idea what happened[1]. See attached.
NM> Thanks. I've committed only part of it. I think mentioning the detailed
NM> mappings to ciphersuites or algorithms should be done in an appendix (or
NM> one can obtain the list in real-time by using gnutls-cli -l --priority
NM> NORMAL).
Maybe we should mention that method at the beginning of the list of
priority strings?
I think an auto-generated appendix would be terrific as a reference, so
you don't have to run gnutls-cli to find out what "NORMAL" means. For
instance, if you're setting up priority strings in Emacs, it would be
really nice :) It sounds reasonably easy with some scripting. As text
it would be very convenient for grepping and diffing.
The meaning of e.g. "NORMAL" for a particular release is particularly
important, both to look for behavior changes as a diff and for users
stuck on that release.
NM> I'd prefer not to have such mappings in the main documentation so that
NM> there is freedom to rearrange algorithms and orders, as new attacks are
NM> being found without being bound to strict documented behavior.
Understood, it's a hassle certainly.
>> Should I mention for each priority string (I only did for "NORMAL") if
>> it enables or disabled DHE?
What do you think about this?
Thanks
Ted
More information about the Gnutls-help
mailing list