Current versions of GnuTLS by default fatally fail to negotiate secure pages with a short TLS prime, giving an error, that the prime is expected to be longer. As explained by danw on irc.freenode.net/webkit-gtk: "libsoup used to talk to gnutls directly, and had a workaround for this problem. when the tls support moved to glib-networking, the workaround went away. it's back as of glib-networking 2.29.15" This is fatal in that it prevents one completely from viewing a page with no way arround it. glib-networking from 2.9.15 onwards changes the default expected length of the prime to something shorter (256), which is obviously less secure but a must in order to view certain pages (from which the user should not be prevented, just because a library doesnt deem it secure enough). Reproducible: Always
glib-networking-2.29.18 is in the gnome-next branch of the gnome overlay. I expect that it will be coming to portage with other gnome-3.2 packages after gnome-3.2 is officially released.
*glib-networking-2.30.0 (27 Sep 2011) 27 Sep 2011; Nirbheek Chauhan <nirbheek@gentoo.org> +glib-networking-2.30.0.ebuild: Bump to 2.30, from the GNOME overlay. Ebuild updates by tetromino.