[Pkg-openldap-devel] Bug#473796: Bug#473796: Bug#473796: TLS fails completely
Quanah Gibson-Mount
quanah at zimbra.com
Mon Jun 30 21:22:16 UTC 2008
--On Sunday, June 29, 2008 1:12 AM -0700 Steve Langasek <vorlon at debian.org>
wrote:
>> I.e., the TLS SSF is 32. So no value > 32 will ever work.
>
> This suggests to me that the SSF values haven't been properly normalized
> for GNUtls. Doesn't the "128" mean, roughly, a symmetric cipher with
> keylength of 128? Surely the user's "TLSCipherSuite
> TLS_RSA_AES_256_CBC_SHA1" should satisfy this?
The GnuTLS library is what reports back the SSF value. It may be
worthwhile to discuss with them why their values are so low.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
More information about the Pkg-openldap-devel
mailing list