diff options
Diffstat (limited to 'doc/tex/ciphersuites.tex')
| -rw-r--r-- | doc/tex/ciphersuites.tex | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/doc/tex/ciphersuites.tex b/doc/tex/ciphersuites.tex index 979cfb4479..4899f59b0c 100644 --- a/doc/tex/ciphersuites.tex +++ b/doc/tex/ciphersuites.tex @@ -26,6 +26,9 @@ in appendix \ref{ap:ciphersuites} on page \pageref{ap:ciphersuites}. \gnutls{} will disable ciphersuites that are not compatible with the key, or the enabled authentication methods. For example keys marked as sign-only, will not be able to -access the plain RSA ciphersuites, but only the DHE\_RSA ones. +access the plain RSA ciphersuites, but only the DHE\_RSA ones. It is +recommended not to use RSA keys for both signing and encryption. If possible +use the same key for the DHE\_RSA and RSA\_EXPORT ciphersuites, which use signing, +and a different key for the plain RSA ciphersuites, which uses encryption. \addvspace{1.5cm} |