Bug#710657: gnutls: Negotiates an SSL v3.0 cipher when talking to openssl using TLS 1.2

Andreas Metzler ametzler at downhill.at.eu.org
Sun Jun 2 16:41:47 UTC 2013


On 2013-06-01 Kurt Roeckx <kurt at roeckx.be> wrote:
> Source: gnutls26
> Version: 2.12.20-6
> Severity: important
> Tags: security

> Hi,
> When using gnutls-cli to talk to apache with mod_ssl, I
> always get this when testing with SSL v3.0 to TLS v1.2:
> - Key Exchange: DHE-RSA
> - Cipher: AES-128-CBC
> - MAC: SHA1

> When talking to it with TLS 1.2, I really would like to see
> that it doesn't use SHA1.  From gnutls-cli --list, I would
> expect it to use one of the following:
> TLS_DHE_RSA_AES_128_CBC_SHA256                          0x00, 0x67 TLS1.2
> TLS_DHE_RSA_AES_256_CBC_SHA256                          0x00, 0x6b TLS1.2

> Openssl supports both of them.

> openssl also selects DHE-RSA-AES256-SHA256 when talking to itself
> when GCM is disabled, so I assume this is a gnutls problem.

Hello,

Parts of this have come up before:
* Discussion about using 128 by default instead of 256 is here:
  http://bugs.debian.org/476441

* Regarding SHA-1:
  Quoting Nikos Mavrogiannopoulos in <http://bugs.debian.org/665766>:
  "I'm not aware of weaknesses in SHA-1 when used with the HMAC
  construction."

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'