[Pkg-openldap-devel] Bug#473796: Bug#473796: Bug#473796: TLS fails completely

Quanah Gibson-Mount quanah at zimbra.com
Mon Jun 30 21:22:16 UTC 2008


--On Sunday, June 29, 2008 1:12 AM -0700 Steve Langasek <vorlon at debian.org> 
wrote:

>> I.e., the TLS SSF is 32.  So no value > 32 will ever work.
>
> This suggests to me that the SSF values haven't been properly normalized
> for GNUtls.  Doesn't the "128" mean, roughly, a symmetric cipher with
> keylength of 128?  Surely the user's "TLSCipherSuite
> TLS_RSA_AES_256_CBC_SHA1" should satisfy this?

The GnuTLS library is what reports back the SSF value.  It may be 
worthwhile to discuss with them why their values are so low.

--Quanah



--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration





More information about the Pkg-openldap-devel mailing list