3.5.5 Interoperability
The TLS handshake is a complex procedure that negotiates all required parameters for a secure session. GnuTLS supports several TLS extensions, as well as the latest TLS protocol version 1.2. However, a few implementations are not able to properly interoperate once faced with extensions or protocol versions they do not support and understand. The TLS protocol allows for a graceful downgrade to the commonly supported options, but practice shows it is not always implemented correctly.
Because there is no way to achieve maximum interoperability with broken peers without sacrificing security, GnuTLS ignores such peers by default. This might not be acceptable in cases where maximum compatibility is required. Thus we allow enabling compatibility with broken peers using priority strings (see Priority strings). An example priority string that is known to provide wide compatibility even with broken peers is shown below:
NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+VERS-SSL3.0:%COMPAT
This priority string will only enable SSL 3.0 and TLS 1.0 as protocols and will disable, via the %COMPAT keyword, several TLS protocol options that are known to cause compatibility problems. We suggest, however, using this mode only when compatibility is preferred over security.
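To make the effect of such a string concrete, here is an added example (not GnuTLS code) that models how the keywords above narrow the set of enabled protocol versions and flags the security trade-offs a configuration review would want to see. It is a simplified model: the authoritative parser is GnuTLS's own, reached through gnutls_priority_init() or gnutls_priority_set_direct(), and the version sets assigned to NORMAL and VERS-TLS-ALL below are assumptions made for this illustration.

```python
"""Simplified model of how a GnuTLS priority string narrows the enabled
protocol versions.  Added illustration only; it is NOT GnuTLS's own parser
(that lives behind gnutls_priority_init()/gnutls_priority_set_direct()),
and the baseline sets below are assumptions made for this example."""

# Assumption: protocol versions the NORMAL keyword enables in this model.
BASE_KEYWORDS = {
    "NORMAL": {"TLS1.0", "TLS1.1", "TLS1.2"},
}

# Assumption: VERS-TLS-ALL expands to every version this model knows,
# SSL 3.0 included, so it has to be added back explicitly afterwards.
VERSION_GROUPS = {
    "VERS-TLS-ALL": {"SSL3.0", "TLS1.0", "TLS1.1", "TLS1.2"},
    "VERS-SSL3.0": {"SSL3.0"},
    "VERS-TLS1.0": {"TLS1.0"},
    "VERS-TLS1.1": {"TLS1.1"},
    "VERS-TLS1.2": {"TLS1.2"},
}

# Versions a reviewer would treat as a finding if they are still enabled.
LEGACY_VERSIONS = {"SSL3.0", "TLS1.0"}


def parse_priority(priority: str):
    """Return (enabled_versions, flags) for a colon-separated priority string.

    Operators follow the documented syntax: '+' adds, '-' removes, '!' removes
    ('!' is treated like '-' here), and '%' sets a flag such as %COMPAT.
    An unknown keyword raises ValueError naming its 1-based keyword position
    (GnuTLS itself returns a pointer into the string via err_pos instead).
    """
    enabled = set()
    flags = set()
    for pos, token in enumerate(priority.split(":"), start=1):
        if token in BASE_KEYWORDS:
            enabled |= BASE_KEYWORDS[token]
        elif token.startswith("%") and len(token) > 1:
            flags.add(token[1:])
        elif token[:1] in "+-!" and token[1:] in VERSION_GROUPS:
            versions = VERSION_GROUPS[token[1:]]
            if token[0] == "+":
                enabled |= versions
            else:
                enabled -= versions
        else:
            raise ValueError(f"unknown keyword {token!r} at position {pos}")
    return enabled, flags


def audit_priority(priority: str):
    """Summarise what a priority string trades away, for a config review."""
    enabled, flags = parse_priority(priority)
    findings = []
    legacy = sorted(enabled & LEGACY_VERSIONS)
    if legacy:
        findings.append("legacy protocol versions enabled: " + ", ".join(legacy))
    if "COMPAT" in flags:
        findings.append("%COMPAT disables TLS options for broken peers")
    if not enabled:
        findings.append("no protocol version enabled; handshake cannot succeed")
    return {"enabled": sorted(enabled), "flags": sorted(flags), "findings": findings}


if __name__ == "__main__":
    # The two strings below are the ones discussed in the text.
    for p in ("NORMAL", "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+VERS-SSL3.0:%COMPAT"):
        print(p, "->", audit_priority(p))
```

Running the compatibility string through audit_priority() reports exactly what the text states: only SSL3.0 and TLS1.0 remain enabled, and %COMPAT is set. The findings list is the part worth keeping in a deployment checklist, so that a string chosen for interoperability is a deliberate, reviewed decision rather than a forgotten default.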
