diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-08-25 18:41:57 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-08-25 18:41:57 +0000 |
| commit | 6e7aa8929787d4bae6e867bb26015a08a53ffb46 (patch) | |
| tree | 34f3cf6ad4a131a461f62c247ab0379f1f7ef545 | |
| parent | f49951cd17ec1613de2da6ea8a9587fadcea3a30 (diff) | |
| download | gnutls-6e7aa8929787d4bae6e867bb26015a08a53ffb46.tar.gz | |
changes in order to keep up with the addition of export-grade ciphersuite
| -rw-r--r-- | doc/tex/auth.tex | 4 | ||||
| -rw-r--r-- | doc/tex/ciphers.tex | 4 | ||||
| -rw-r--r-- | doc/tex/intro.tex | 5 |
3 files changed, 9 insertions, 4 deletions
diff --git a/doc/tex/auth.tex b/doc/tex/auth.tex index edce440600..4865b90b54 100644 --- a/doc/tex/auth.tex +++ b/doc/tex/auth.tex @@ -16,6 +16,10 @@ The following authentication schemas are supported in \gnutls: RSA & The RSA algorithm is used to encrypt a key and send it to the peer. The certificate must allow the key to be used for encryption. \\ +RSA\_EXPORT & The RSA algorithm is used to encrypt a key and send it to the peer. +In the EXPORT algorithm, the server signs temporary RSA parameters of 512 +bits -- which is considered weak -- and sends them to the client. +\\ \hline DHE\_RSA & The RSA algorithm is used to sign Ephemeral Diffie Hellman parameters which are sent to the peer. The key in the certificate must allow diff --git a/doc/tex/ciphers.tex b/doc/tex/ciphers.tex index ea5e18be60..12506a9b05 100644 --- a/doc/tex/ciphers.tex +++ b/doc/tex/ciphers.tex @@ -23,6 +23,10 @@ encryption (EDE). Has 64 bits block size and is used in CBC mode. ARCFOUR & ARCFOUR is a fast stream cipher. \\ \hline +ARCFOUR\_EXPORT & This is the ARCFOUR cipher that is fed with a 40 bit key, +which is considered weak. +\\ +\hline AES\_CBC & AES or RIJNDAEL is the block cipher algorithm that replaces the old DES algorithm. Has 128 bits block size and is used in CBC mode. This is not officially diff --git a/doc/tex/intro.tex b/doc/tex/intro.tex index 9191da7005..568e520274 100644 --- a/doc/tex/intro.tex +++ b/doc/tex/intro.tex @@ -32,10 +32,7 @@ for updated versions of the \gnutls{} software and this document. Currently \gnutls{} implements: \begin{itemize} -\item the \tlsI{} and \sslIII{} protocols, without any weak algorithms\footnote{ -There are ciphersuites in \tlsI{} that are considered weak. These -ciphersuites are deliberately weak in order to be able to export encryption -software from some countries.} +\item the \tlsI{} and \sslIII{} protocols. \item {\bf X.509} Public Key Infrastructure. \item {\bf OpenPGP} Public Key Infrastructure. \item {\bf SRP} for \tls{} authentication. |