This is gnutls.info, produced by makeinfo version 6.7 from gnutls.texi.
This manual is last updated 1 June 2020 for version 3.6.14 of GnuTLS.
Copyright (C) 2001-2020 Free Software Foundation, Inc.\\ Copyright (C)
2001-2020 Nikos Mavrogiannopoulos
Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU Free Documentation License,
Version 1.3 or any later version published by the Free Software
Foundation; with no Invariant Sections, no Front-Cover Texts, and
no Back-Cover Texts. A copy of the license is included in the
section entitled "GNU Free Documentation License".
INFO-DIR-SECTION Software libraries
START-INFO-DIR-ENTRY
* GnuTLS: (gnutls). GNU Transport Layer Security Library.
END-INFO-DIR-ENTRY
INFO-DIR-SECTION System Administration
START-INFO-DIR-ENTRY
* certtool: (gnutls)certtool Invocation. Manipulate certificates and keys.
* gnutls-serv: (gnutls)gnutls-serv Invocation. GnuTLS test server.
* gnutls-cli: (gnutls)gnutls-cli Invocation. GnuTLS test client.
* gnutls-cli-debug: (gnutls)gnutls-cli-debug Invocation. GnuTLS debug client.
* psktool: (gnutls)psktool Invocation. Simple TLS-Pre-Shared-Keys manager.
* srptool: (gnutls)srptool Invocation. Simple SRP password tool.
END-INFO-DIR-ENTRY
�
File: gnutls.info, Node: Concept Index, Prev: Function and Data Index, Up: Top
Concept Index
*************
��[index��]
* Menu:
* abstract types: Abstract key types. (line 6)
* alert protocol: The TLS Alert Protocol.
(line 6)
* ALPN: Application Layer Protocol Negotiation (ALPN).
(line 6)
* anonymous authentication: Anonymous authentication.
(line 6)
* API reference: API reference. (line 6)
* Application Layer Protocol Negotiation: Application Layer Protocol Negotiation (ALPN).
(line 6)
* Application-specific keys: Application-specific keys.
(line 6)
* authentication methods: Authentication methods.
(line 6)
* bad_record_mac: On Record Padding. (line 6)
* callback functions: Callback functions. (line 6)
* certificate authentication: Certificate authentication.
(line 6)
* certificate authentication <1>: More on certificate authentication.
(line 6)
* certificate requests: PKCS 10 certificate requests.
(line 6)
* certificate revocation lists: PKIX certificate revocation lists.
(line 6)
* certificate status: OCSP certificate status checking.
(line 6)
* certificate status <1>: OCSP stapling. (line 6)
* Certificate status request: OCSP status request. (line 6)
* Certificate verification: Advanced certificate verification.
(line 6)
* certification: Certification. (line 6)
* certtool: certtool Invocation. (line 6)
* certtool help: certtool Invocation. (line 21)
* channel bindings: Channel Bindings. (line 6)
* ciphersuites: Supported ciphersuites.
(line 6)
* client certificate authentication: Client Authentication.
(line 6)
* CMS: Cryptographic Message Syntax / PKCS7.
(line 6)
* compression algorithms: Compression algorithms and the record layer.
(line 6)
* contributing: Contributing. (line 6)
* credentials: Virtual hosts and credentials.
(line 6)
* CRL: PKIX certificate revocation lists.
(line 6)
* cryptographic message syntax: Cryptographic Message Syntax / PKCS7.
(line 6)
* DANE: Verifying a certificate using DANE.
(line 6)
* DANE <1>: Certificate verification.
(line 6)
* danetool: danetool Invocation. (line 6)
* danetool help: danetool Invocation. (line 15)
* deriving keys: Deriving keys for other applications/protocols.
(line 6)
* digital signatures: Digital signatures. (line 6)
* DNSSEC: Verifying a certificate using DANE.
(line 6)
* DNSSEC <1>: Certificate verification.
(line 6)
* download: Downloading and installing.
(line 6)
* Encrypted keys: Managing encrypted keys.
(line 6)
* error codes: Error codes. (line 6)
* example programs: GnuTLS application examples.
(line 6)
* examples: GnuTLS application examples.
(line 6)
* exporting keying material: Deriving keys for other applications/protocols.
(line 6)
* False Start: False Start. (line 6)
* FDL, GNU Free Documentation License: Copying Information. (line 6)
* file signing: Cryptographic Message Syntax / PKCS7.
(line 6)
* fork: Sessions and fork. (line 6)
* generating parameters: Parameter generation.
(line 6)
* giovec_t: Common types. (line 6)
* gnutls-cli: gnutls-cli Invocation.
(line 6)
* gnutls-cli help: gnutls-cli Invocation.
(line 17)
* gnutls-cli-debug: gnutls-cli-debug Invocation.
(line 6)
* gnutls-cli-debug help: gnutls-cli-debug Invocation.
(line 21)
* gnutls-serv: gnutls-serv Invocation.
(line 6)
* gnutls-serv help: gnutls-serv Invocation.
(line 16)
* gnutls_datum_t: Common types. (line 6)
* hacking: Contributing. (line 6)
* handshake protocol: The TLS Handshake Protocol.
(line 6)
* hardware security modules: Smart cards and HSMs.
(line 6)
* hardware tokens: Smart cards and HSMs.
(line 6)
* hash functions: Hash and MAC functions.
(line 6)
* heartbeat: HeartBeat. (line 6)
* HMAC functions: Hash and MAC functions.
(line 6)
* installation: Downloading and installing.
(line 6)
* installation <1>: Installing for a software distribution.
(line 6)
* internal architecture: Internal architecture of GnuTLS.
(line 6)
* isolated mode: Running in a sandbox.
(line 6)
* key extraction: Deriving keys for other applications/protocols.
(line 6)
* Key pinning: Verifying a certificate using trust on first use authentication.
(line 6)
* Key pinning <1>: Certificate verification.
(line 6)
* key sizes: Selecting cryptographic key sizes.
(line 6)
* keying material exporters: Deriving keys for other applications/protocols.
(line 6)
* MAC functions: Hash and MAC functions.
(line 6)
* maximum fragment length: Maximum fragment length negotiation.
(line 6)
* OCSP: OCSP certificate status checking.
(line 6)
* OCSP Functions: OCSP API. (line 6)
* OCSP stapling: OCSP stapling. (line 6)
* OCSP status request: OCSP status request. (line 6)
* ocsptool: ocsptool Invocation. (line 6)
* ocsptool help: ocsptool Invocation. (line 22)
* Online Certificate Status Protocol: OCSP certificate status checking.
(line 6)
* Online Certificate Status Protocol <1>: OCSP stapling. (line 6)
* OpenPGP certificates: OpenPGP certificates.
(line 6)
* OpenSSL: Compatibility with the OpenSSL library.
(line 6)
* OpenSSL encrypted keys: Managing encrypted keys.
(line 241)
* overriding algorithms: Overriding algorithms.
(line 6)
* p11tool: p11tool Invocation. (line 6)
* p11tool help: p11tool Invocation. (line 25)
* parameter generation: Parameter generation.
(line 6)
* PCT: On SSL 2 and older protocols.
(line 37)
* PKCS #10: PKCS 10 certificate requests.
(line 6)
* PKCS #11 tokens: Smart cards and HSMs.
(line 6)
* PKCS #12: Managing encrypted keys.
(line 135)
* PKCS #7: Cryptographic Message Syntax / PKCS7.
(line 6)
* PKCS #8: Managing encrypted keys.
(line 86)
* post-handshake authentication: TLS 1.3 re-authentication and re-key.
(line 6)
* Priority strings: Priority Strings. (line 6)
* PSK authentication: Authentication using PSK.
(line 6)
* psktool: psktool Invocation. (line 6)
* psktool help: psktool Invocation. (line 16)
* public key algorithms: Public key algorithms.
(line 6)
* public key algorithms <1>: Cryptographic Message Syntax / PKCS7.
(line 6)
* random numbers: Random number generation.
(line 6)
* Raw public-keys: Raw public-keys. (line 6)
* re-authentication: TLS 1.2 re-authentication.
(line 6)
* re-authentication <1>: TLS 1.3 re-authentication and re-key.
(line 6)
* re-key: TLS 1.3 re-authentication and re-key.
(line 6)
* re-negotiation: TLS 1.2 re-authentication.
(line 6)
* re-negotiation <1>: TLS 1.3 re-authentication and re-key.
(line 6)
* record padding: On Record Padding. (line 6)
* record protocol: The TLS record protocol.
(line 6)
* renegotiation: Safe renegotiation. (line 6)
* reporting bugs: Bug Reports. (line 6)
* resuming sessions: Resuming Sessions. (line 6)
* resuming sessions <1>: Session resumption. (line 6)
* safe renegotiation: Safe renegotiation. (line 6)
* seccomp: Running in a sandbox.
(line 6)
* Secure RTP: SRTP. (line 6)
* server name indication: Server name indication.
(line 6)
* session resumption: Resuming Sessions. (line 6)
* session resumption <1>: Session resumption. (line 6)
* session tickets: Session tickets. (line 6)
* Smart card example: Client using a smart card with TLS.
(line 6)
* smart cards: Smart cards and HSMs.
(line 6)
* SRP authentication: Authentication using SRP.
(line 6)
* srptool: srptool Invocation. (line 6)
* srptool help: srptool Invocation. (line 23)
* SRTP: SRTP. (line 6)
* SSH-style authentication: Verifying a certificate using trust on first use authentication.
(line 6)
* SSH-style authentication <1>: Certificate verification.
(line 6)
* SSL 2: On SSL 2 and older protocols.
(line 6)
* Supplemental data: Extensions and Supplemental Data.
(line 6)
* symmetric algorithms: Symmetric algorithms.
(line 6)
* symmetric cryptography: Symmetric algorithms.
(line 6)
* symmetric encryption algorithms: Encryption algorithms used in the record layer.
(line 6)
* System-specific keys: Application-specific keys.
(line 5)
* System-wide configuration: System-wide configuration of the library.
(line 6)
* thread safety: Thread safety. (line 6)
* tickets: Session tickets. (line 6)
* TLS extensions: TLS Extensions. (line 6)
* TLS extensions <1>: Maximum fragment length negotiation.
(line 6)
* TLS extensions <2>: Server name indication.
(line 6)
* TLS extensions <3>: Session tickets. (line 6)
* TLS extensions <4>: HeartBeat. (line 6)
* TLS False Start: False Start. (line 6)
* TLS layers: TLS layers. (line 6)
* TPM: Trusted Platform Module.
(line 6)
* tpmtool: tpmtool Invocation. (line 6)
* tpmtool help: tpmtool Invocation. (line 15)
* transport layer: The transport layer. (line 6)
* transport protocol: The transport layer. (line 6)
* Trust on first use: Verifying a certificate using trust on first use authentication.
(line 6)
* Trust on first use <1>: Certificate verification.
(line 6)
* trusted platform module: Trusted Platform Module.
(line 6)
* upgrading: Upgrading from previous versions.
(line 6)
* verifying certificate paths: Verifying X.509 certificate paths.
(line 6)
* verifying certificate paths <1>: Verifying a certificate in the context of TLS session.
(line 6)
* verifying certificate paths <2>: Verifying a certificate using trust on first use authentication.
(line 6)
* verifying certificate paths <3>: Verifying a certificate using DANE.
(line 6)
* verifying certificate with pkcs11: Verification using PKCS11.
(line 6)
* virtual hosts: Virtual hosts and credentials.
(line 6)
* X.509 certificate name: X.509 certificate names.
(line 6)
* X.509 certificates: X.509 certificates. (line 6)
* X.509 distinguished name: X.509 distinguished names.
(line 6)
* X.509 extensions: X.509 extensions. (line 6)
* X.509 Functions: X509 certificate API.
(line 6)