On Tue, Mar 11, 2014 at 11:16 AM, Manuel Pégourié-Gonnard <[email protected]> wrote:

>> The RFCs you refer to don't mention SSL 3.0 at all, so my approach was
>> to allow these algorithms for TLS 1.0 or later. Unfortunately openssl
>> was negotiating these algorithms on SSL 3.0 as well, so I allowed some
>> of them in SSL 3.0 as well. I asked the TLS WG at the time, and there
>> was no real answer. Anyway maybe it makes sense to allow all the TLS 1.0
>> ciphersuites in SSL 3.0 as well to prevent any incompatibilities.
> I see you allowed these suites in SSL 3.0 in the latest release. I agree that
> it's not clear if there is a real answer here, but thanks for your reaction
> anyway.

Hello,
 Actually I was wrong in allowing them. SSL 3.0 uses a special MAC
construction that isn't defined for SHA256 or better, and there is no
authority to extend that definition. I'll revert that choice on the
next bug fix release.

regards,
Nikos
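
The difference between the two record MACs discussed in this thread, as an added example that is not part of the original messages and not GnuTLS code. It follows the SSL 3.0 MAC layout in RFC 6101 and the HMAC-based TLS record MAC; the function names and the `mac_allowed` policy helper are hypothetical.

```python
import hashlib
import hmac
import struct

# SSL 3.0 (RFC 6101) fixes the pad length per hash: 48 bytes for MD5,
# 40 bytes for SHA-1. No pad length exists for any other hash, so the
# SSL 3.0 MAC is simply undefined for SHA-256 and later.
SSL3_PAD_LEN = {"md5": 48, "sha1": 40}


def ssl3_mac(hash_name, secret, seq_num, content_type, fragment):
    """SSL 3.0 MAC: H(secret + pad_2 + H(secret + pad_1 + header + data))."""
    if hash_name not in SSL3_PAD_LEN:
        raise ValueError(f"SSL 3.0 MAC is not defined for {hash_name}")
    n = SSL3_PAD_LEN[hash_name]
    # The SSL 3.0 header has no protocol version field.
    header = struct.pack("!QBH", seq_num, content_type, len(fragment))
    inner = hashlib.new(
        hash_name, secret + b"\x36" * n + header + fragment).digest()
    return hashlib.new(hash_name, secret + b"\x5c" * n + inner).digest()


def tls_mac(hash_name, secret, seq_num, content_type, version, fragment):
    """TLS 1.0+ record MAC: standard HMAC, defined for any hash function."""
    header = struct.pack(
        "!QB2sH", seq_num, content_type, version, len(fragment))
    return hmac.new(secret, header + fragment, hash_name).digest()


def mac_allowed(version, hash_name):
    """Hypothetical policy check: may this MAC hash be used at this version?"""
    if version == (3, 0):
        return hash_name in SSL3_PAD_LEN
    # Simplification: other per-version suite rules are out of scope here.
    return version > (3, 0)


if __name__ == "__main__":
    key = b"k" * 32            # constructed sample key
    data = b"constructed record payload"
    print(tls_mac("sha256", key, 0, 23, b"\x03\x01", data).hex())
    print(mac_allowed((3, 0), "sha256"))   # SSL 3.0 with a SHA-256 MAC
    try:
        ssl3_mac("sha256", key, 0, 23, data)
    except ValueError as exc:
        print(exc)
```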
