This is gnutls.info, produced by makeinfo version 5.1 from gnutls.texi. This manual is last updated 24 April 2013 for version 3.1.11 of GnuTLS. Copyright (C) 2001-2013 Free Software Foundation, Inc.\\ Copyright (C) 2001-2013 Nikos Mavrogiannopoulos Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". INFO-DIR-SECTION Software libraries START-INFO-DIR-ENTRY * GnuTLS: (gnutls). GNU Transport Layer Security Library. END-INFO-DIR-ENTRY INFO-DIR-SECTION System Administration START-INFO-DIR-ENTRY * certtool: (gnutls)Invoking certtool. Manipulate certificates and keys. * gnutls-serv: (gnutls)Invoking gnutls-serv. GnuTLS test server. * gnutls-cli: (gnutls)Invoking gnutls-cli. GnuTLS test client. * gnutls-cli-debug: (gnutls)Invoking gnutls-cli-debug. GnuTLS debug client. * psktool: (gnutls)Invoking psktool. Simple TLS-Pre-Shared-Keys manager. * srptool: (gnutls)Invoking srptool. Simple SRP password tool. END-INFO-DIR-ENTRY  File: gnutls.info, Node: Concept Index, Prev: Function and Data Index, Up: Top Concept Index ************* [index] * Menu: * abstract types: Abstract key types. (line 6) * alert protocol: The TLS Alert Protocol. (line 6) * anonymous authentication: Anonymous authentication. (line 6) * API reference: API reference. (line 6) * authentication methods: Authentication methods. (line 6) * bad_record_mac: On Record Padding. (line 6) * callback functions: Callback functions. (line 6) * certificate authentication: Certificate authentication. (line 6) * certificate authentication <1>: More on certificate authentication. (line 6) * certificate requests: PKCS 10 certificate requests. (line 6) * certificate revocation lists: PKIX certificate revocation lists. (line 6) * certificate status: OCSP certificate status checking. (line 6) * Certificate status request: OCSP status request. (line 6) * Certificate verification: Advanced certificate verification. (line 6) * certtool: certtool Invocation. (line 6) * certtool help: certtool Invocation. (line 17) * channel bindings: Channel Bindings. (line 6) * ciphersuites: Supported ciphersuites. (line 6) * client certificate authentication: Client Authentication. (line 6) * compression algorithms: Compression algorithms used in the record layer. (line 6) * contributing: Contributing. (line 6) * CRL: PKIX certificate revocation lists. (line 6) * DANE: Verifying a certificate using DANE. (line 6) * DANE <1>: Certificate verification. (line 6) * danetool: danetool Invocation. (line 6) * danetool help: danetool Invocation. (line 15) * digital signatures: Digital signatures. (line 6) * DNSSEC: Verifying a certificate using DANE. (line 6) * DNSSEC <1>: Certificate verification. (line 6) * download: Downloading and installing. (line 6) * Encrypted keys: Managing encrypted keys. (line 6) * error codes: Error codes. (line 6) * example programs: GnuTLS application examples. (line 6) * examples: GnuTLS application examples. (line 6) * exporting keying material: Keying Material Exporters. (line 6) * FDL, GNU Free Documentation License: Copying Information. (line 6) * generating parameters: Parameter generation. (line 6) * gnutls-cli: gnutls-cli Invocation. (line 6) * gnutls-cli help: gnutls-cli Invocation. (line 17) * gnutls-cli-debug: gnutls-cli-debug Invocation. (line 6) * gnutls-cli-debug help: gnutls-cli-debug Invocation. (line 21) * gnutls-serv: gnutls-serv Invocation. (line 6) * gnutls-serv help: gnutls-serv Invocation. (line 16) * hacking: Contributing. (line 6) * handshake protocol: The TLS Handshake Protocol. (line 6) * hardware security modules: Smart cards and HSMs. (line 6) * hardware tokens: Smart cards and HSMs. (line 6) * hash functions: Hash and HMAC functions. (line 6) * heartbeat: HeartBeat. (line 6) * HMAC functions: Hash and HMAC functions. (line 6) * installation: Downloading and installing. (line 6) * internal architecture: Internal architecture of GnuTLS. (line 6) * Key pinning: Verifying a certificate using trust on first use authentication. (line 6) * Key pinning <1>: Certificate verification. (line 6) * key sizes: Selecting cryptographic key sizes. (line 6) * keying material exporters: Keying Material Exporters. (line 6) * maximum fragment length: Maximum fragment length negotiation. (line 6) * OCSP: OCSP certificate status checking. (line 6) * OCSP Functions: OCSP API. (line 6) * OCSP status request: OCSP status request. (line 6) * ocsptool: ocsptool Invocation. (line 6) * ocsptool help: ocsptool Invocation. (line 16) * Online Certificate Status Protocol: OCSP certificate status checking. (line 6) * OpenPGP API: OpenPGP API. (line 6) * OpenPGP certificates: OpenPGP certificates. (line 6) * OpenPGP server: Echo server with OpenPGP authentication. (line 6) * OpenSSL: Compatibility with the OpenSSL library. (line 6) * OpenSSL encrypted keys: Managing encrypted keys. (line 226) * p11tool: p11tool Invocation. (line 6) * p11tool help: p11tool Invocation. (line 20) * parameter generation: Parameter generation. (line 6) * PCT: On SSL 2 and older protocols. (line 37) * PKCS #10: PKCS 10 certificate requests. (line 6) * PKCS #11 tokens: Smart cards and HSMs. (line 6) * PKCS #12: Managing encrypted keys. (line 120) * PKCS #8: Managing encrypted keys. (line 85) * Priority strings: Priority Strings. (line 6) * PSK authentication: Authentication using PSK. (line 6) * psktool: psktool Invocation. (line 6) * psktool help: psktool Invocation. (line 16) * public key algorithms: Public key algorithms. (line 6) * random numbers: Random number generation. (line 6) * record padding: On Record Padding. (line 6) * record protocol: The TLS record protocol. (line 6) * renegotiation: Safe renegotiation. (line 6) * reporting bugs: Bug Reports. (line 6) * resuming sessions: Resuming Sessions. (line 6) * resuming sessions <1>: Session resumption. (line 6) * safe renegotiation: Safe renegotiation. (line 6) * Secure RTP: SRTP. (line 6) * server name indication: Server name indication. (line 6) * session resumption: Resuming Sessions. (line 6) * session resumption <1>: Session resumption. (line 6) * session tickets: Session tickets. (line 6) * Smart card example: Client using a smart card with TLS. (line 6) * smart cards: Smart cards and HSMs. (line 6) * SRP authentication: Authentication using SRP. (line 6) * srptool: srptool Invocation. (line 6) * srptool help: srptool Invocation. (line 23) * SRTP: SRTP. (line 6) * SSH-style authentication: Verifying a certificate using trust on first use authentication. (line 6) * SSH-style authentication <1>: Certificate verification. (line 6) * SSL 2: On SSL 2 and older protocols. (line 6) * symmetric algorithms: Symmetric algorithms. (line 6) * symmetric cryptography: Symmetric algorithms. (line 6) * symmetric encryption algorithms: Encryption algorithms used in the record layer. (line 6) * thread safety: Thread safety. (line 6) * tickets: Session tickets. (line 6) * TLS extensions: TLS Extensions. (line 6) * TLS extensions <1>: Maximum fragment length negotiation. (line 6) * TLS extensions <2>: Server name indication. (line 6) * TLS extensions <3>: Session tickets. (line 6) * TLS extensions <4>: HeartBeat. (line 6) * TLS layers: TLS layers. (line 6) * TPM: Trusted Platform Module. (line 6) * tpmtool: tpmtool Invocation. (line 6) * tpmtool help: tpmtool Invocation. (line 15) * transport layer: The transport layer. (line 6) * transport protocol: The transport layer. (line 6) * Trust on first use: Verifying a certificate using trust on first use authentication. (line 6) * Trust on first use <1>: Certificate verification. (line 6) * trusted platform module: Trusted Platform Module. (line 6) * upgrading: Upgrading from previous versions. (line 6) * verifying certificate paths: Verifying X.509 certificate paths. (line 6) * verifying certificate paths <1>: Verifying a certificate in the context of TLS session. (line 6) * verifying certificate paths <2>: Verifying a certificate using trust on first use authentication. (line 6) * verifying certificate paths <3>: Verifying a certificate using DANE. (line 6) * X.509 certificates: X.509 certificates. (line 6) * X.509 distinguished name: X.509 distinguished names. (line 6) * X.509 Functions: X509 certificate API. (line 6)