diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-01-14 13:41:48 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-01-14 13:48:25 +0100 |
commit | 19eef2f07625649f9674e911d3811c0eaaa13a9a (patch) | |
tree | 6a733c5a1b87b6b119ac09f70a02f2869519ca23 /doc/cha-gtls-app.texi | |
parent | 245204f434262ef80ef59323ba15d6912294986f (diff) | |
download | gnutls-19eef2f07625649f9674e911d3811c0eaaa13a9a.tar.gz |
changes in SYSTEM semantics to allow appending rules to the default policy.
Diffstat (limited to 'doc/cha-gtls-app.texi')
-rw-r--r-- | doc/cha-gtls-app.texi | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index 68a15ec246..85ae38b0f7 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -894,8 +894,10 @@ additional algorithm or special keywords. @item SYSTEM @tab Means that a compile-time specified configuration file will be used to read the priorities. That is used to impose system-specific policies. -It may be followed by a priority string that will be used as backup, e.g., -"SYSTEM:NORMAL". +It may be followed by additional options that will be appended to the +system string (e.g., "SYSTEM:+SRP"). If there is no available system priority +string then the default acceptable security level by GnuTLS will be +set (i.e., NORMAL). @item PERFORMANCE @tab All the known to be secure ciphersuites are enabled, @@ -1142,8 +1144,11 @@ or by using the priority functions as in @ref{Listing the ciphersuites in a prio Example priority strings are: @example +The system imposed security level: + "SYSTEM" + The default priority without the HMAC-MD5: - "SYSTEM:NORMAL:-MD5" + "NORMAL:-MD5" Specifying RSA with AES-128-CBC: "NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+AES-128-CBC:+SIGN-ALL:+COMP-NULL" |