is one of the approved ciphers of the European NESSIE and Japanese
CRYPTREC projects.
-@item SALSA20_@-256 @tab
-SALSA20_256 is a fast stream cipher. This is currently a GnuTLS
-extension.
-
-@item ESTREAM_@-SALSA20_@-256 @tab
-ESTREAM_@-SALSA20_@-256 is a faster variant of SALSA20, and is one of the
-selected ciphers of the ESTREAM competition. This is currently a GnuTLS
-extension.
-
@end multitable
@caption{Supported ciphers.}
@end float
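Review bot: the SALSA20_256 and ESTREAM_SALSA20_256 rows are deleted from the cipher table with no replacement text, so a reader who relied on either of these GnuTLS extensions finds no indication that they were dropped. Add a short sentence here, or an entry in the release notes, stating that both were removed.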
@item MAC_@-SHA256 @tab
An HMAC based on SHA256. Outputs 256 bits of data.
-@item MAC_@-UMAC @tab
-This is a very fast MAC algorithm based on universal hashing, described in
-@xcite{RFC4418}. This is currently a GnuTLS extension.
-
@item MAC_@-AEAD @tab
This indicates that an authenticated encryption algorithm, such as
GCM, is in use.
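Review bot: the removed MAC_UMAC row carried the "@xcite{RFC4418}" reference. If no other text cites RFC4418, drop its bibliography entry in the same change so it is not left orphaned.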
and authenticated with a key only known to the server and then sent to the
client. The Session Tickets extension is described in RFC 5077 @xcite{TLSTKT}.
+A disadvantage of session tickets is that they eliminate the effects of
+forward secrecy when a server uses the same key for long time. That is,
+the secrecy of all sessions on a server using tickets depends on the ticket
+key being kept secret. For that reason server keys should be rotated and discarded
+regularly.
+
Since version 3.1.3 GnuTLS clients transparently support session tickets.
@node HeartBeat
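Review bot: "server keys should be rotated" in the added paragraph is ambiguous, because it can be read as the server's certificate key instead of the ticket key named in the sentence before it; write "ticket keys" so the advice matches the risk described. Also change "for long time" to "for a long time". Since the paragraph tells administrators to rotate and discard keys, a cross-reference to the place in the manual that explains how the server's ticket key is set would make the advice actionable.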