[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
TLS 1.2 server
From: |
Daiki Ueno |
Subject: |
TLS 1.2 server |
Date: |
Wed, 30 Sep 2009 10:53:45 +0900 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux) |
Hello,
I've just pushed TLS 1.2 server fix. While it was done in the same way
as I did for client, I'd appreciate if someone will take a look at the
changes:
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=e0b1124f72e3d5210000b3f677b401d8b2654ea4
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=4b48a9e8e28bbd468b48ed5cb95ba0cce7508be6
The latter change is not essential by now but it will be needed when we
will use a hash algorithm other than SHA1 to compute a signature of DH
params.
Anyway, TLS 1.2 server works again. I tried it with Opera 10 and the
test output from GnuTLS says:
Server Name: localhost
Ephemeral DH using prime of 1024 bits.
Protocol version: TLS1.2
Certificate Type: X.509
Key Exchange: DHE-RSA
Compression NULL
Cipher AES-256-CBC
MAC SHA256
Ciphersuite DHE_RSA_AES_256_CBC_SHA256
Regards,
--
Daiki Ueno
- TLS 1.2 server,
Daiki Ueno <=