This class encapsulates various parameters that can be used with a TLS handshake.
| Type | Name | Description |
|---|---|---|
| int | minKeySize | The minimum bit length for asymmetric keys. |
| int | maxKeySize | The maximum bit length for asymmetric keys. |
| list | cipherNames | The allowed ciphers, in order of preference. |
| list | certificateTypes | The allowed certificate types, in order of preference. |
| tuple | minVersion | The minimum allowed SSL/TLS version. |
| tuple | maxVersion | The maximum allowed SSL/TLS version. |
| bool | useExperimentalTackExtension | Whether to enable TACK support. |

minKeySize

The minimum bit length for asymmetric keys. If the other party tries to use SRP, RSA, or Diffie-Hellman parameters smaller than this length, an alert will be signalled. The default is 1023.

maxKeySize

The maximum bit length for asymmetric keys. If the other party tries to use SRP, RSA, or Diffie-Hellman parameters larger than this length, an alert will be signalled. The default is 8193.

cipherNames

The allowed ciphers, in order of preference. The allowed values in this list are 'aes256', 'aes128', '3des', and 'rc4'. If these settings are used with a client handshake, they determine the order of the ciphersuites offered in the ClientHello message. If these settings are used with a server handshake, the server will choose whichever ciphersuite matches the earliest entry in this list. NOTE: If '3des' is used in this list, but TLS Lite can't find an add-on library that supports 3DES, then '3des' will be silently removed. The default value is ['aes256', 'aes128', '3des', 'rc4'].

certificateTypes

The allowed certificate types, in order of preference. The allowed values in this list are 'x509'. This list is only used with a client handshake. The client will advertise to the server which certificate types are supported, and will check that the server uses one of the appropriate types.

minVersion

The minimum allowed SSL/TLS version. This variable can be set to (3,0) for SSL 3.0, (3,1) for TLS 1.0, or (3,2) for TLS 1.1. If the other party wishes to use a lower version, a protocol_version alert will be signalled. The default is (3,0).

maxVersion

The maximum allowed SSL/TLS version. This variable can be set to (3,0) for SSL 3.0, (3,1) for TLS 1.0, or (3,2) for TLS 1.1. If the other party wishes to use a higher version, a protocol_version alert will be signalled. The default is (3,2). (WARNING: Some servers may (improperly) reject clients which offer support for TLS 1.1. In this case, try lowering maxVersion to (3,1).)

useExperimentalTackExtension

Whether to enable TACK support. Note that TACK support is not standardized by IETF and uses a temporary TLS Extension number, so it should NOT be used in production software.
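
The checks documented for minKeySize, maxKeySize, cipherNames, minVersion and maxVersion, modelled as an added example: this is not TLS Lite's code and does not import it. SettingsModel, HandshakeAlert, the function names, the 'no shared cipher' outcome and the sample peer are assumptions made for illustration.

```python
from dataclasses import dataclass, field

class HandshakeAlert(Exception):
    """Stand-in for the alert the documentation says is signalled."""

@dataclass
class SettingsModel:
    # Hypothetical model class; defaults copied from the fields documented above.
    minKeySize: int = 1023
    maxKeySize: int = 8193
    cipherNames: list = field(
        default_factory=lambda: ['aes256', 'aes128', '3des', 'rc4'])
    minVersion: tuple = (3, 0)
    maxVersion: tuple = (3, 2)

def check_version(s, peer_version):
    # Versions are (major, minor) tuples, so tuple comparison orders them.
    if peer_version < s.minVersion or peer_version > s.maxVersion:
        raise HandshakeAlert('protocol_version')
    return peer_version

def check_key_size(s, bits):
    # Applies to the peer's SRP, RSA, or Diffie-Hellman parameter length.
    if bits < s.minKeySize or bits > s.maxKeySize:
        raise HandshakeAlert('key size %d not in [%d, %d]'
                             % (bits, s.minKeySize, s.maxKeySize))
    return bits

def server_choose_cipher(s, client_offer):
    # Server side: the earliest entry in the server's own list wins.
    for name in s.cipherNames:
        if name in client_offer:
            return name
    # Assumption: the page does not say what happens with no overlap.
    raise HandshakeAlert('no shared cipher')

def evaluate_peer(s, version, key_bits, client_offer):
    """Return (version, cipher) if the peer is accepted, else the alert text."""
    try:
        check_version(s, version)
        check_key_size(s, key_bits)
        return (version, server_choose_cipher(s, client_offer))
    except HandshakeAlert as alert:
        return str(alert)

if __name__ == '__main__':
    defaults = SettingsModel()
    strict = SettingsModel(minKeySize=2048, minVersion=(3, 1),
                           cipherNames=['aes256', 'aes128'])
    # Constructed peer: SSL 3.0, 1024-bit key, offers rc4 then aes128.
    peer = ((3, 0), 1024, ['rc4', 'aes128'])
    print(evaluate_peer(defaults, *peer))
    print(evaluate_peer(strict, *peer))
```

With the documented defaults the constructed peer is accepted and the server's preference order selects 'aes128'; with the tightened values the same peer is refused at the version check.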
Generated by Epydoc 3.0.1 on Tue May 22 10:29:16 2012 | http://epydoc.sourceforge.net |