Bug#1091103: gnutls-bin: SRP support is accidentally disabled since 3.8.1-2
Samuel Henrique
samueloph at debian.org
Sat Feb 8 22:50:14 GMT 2025
Control: close -1
Hello Andreas,
> > Would it make sense to enable it for as long as TLS 1.2 is supported?
>
> > For the curl package, we make use of GnuTLS to run tests for TLS-SRP
> > support, without it we lose that test coverage. It's not critical, but
> > it helps a lot.
>
> Hello Samuel,
>
> isn't this (testsuite case) a pretty weak argument for shipping an
> outdated and rather exotic cyphersuite?
It definitely is, yes.
> This really is supposed to be an honest question, I think I am missing
> something important. I have got some saved-up trust in
> $curl-maintainers and am ready to be convined or told.
I don't think you should enable it just because of curl, what I had in mind is
that it could make sense to enable it for as long as TLS 1.2 is there
(considering they are both outdated). But I will not push for this, and you are
in a better position to make the decision.
Given the removal wasn't accidental, I will close this bug, thanks!
--
Samuel Henrique <samueloph>
More information about the Pkg-gnutls-maint
mailing list