@acronym{X.509} certificates @xcite{PKIX} and @acronym{OpenPGP}
certificates using a common API.
+The key exchange algorithms supported by certificate authentication are
+shown in @ref{tab:key-exchange}.
+
+@float Table,tab:key-exchange
+@multitable @columnfractions .2 .7
+
+@headitem Key exchange @tab Description
+
+@item RSA @tab
+The RSA algorithm is used to encrypt a key and send it to the peer.
+The certificate must allow the key to be used for encryption.
+
+@item RSA_EXPORT @tab
+The RSA algorithm is used to encrypt a key and send it to the peer.
+In the EXPORT algorithm, the server signs temporary RSA parameters of
+512 bits --- which are considered weak --- and sends them to the
+client.
+
+@item DHE_RSA @tab
+The RSA algorithm is used to sign ephemeral Diffie-Hellman parameters
+which are sent to the peer. The key in the certificate must allow the
+key to be used for signing. Note that key exchange algorithms which
+use ephemeral Diffie-Hellman parameters, offer perfect forward
+secrecy. That means that even if the private key used for signing is
+compromised, it cannot be used to reveal past session data.
+
+@item ECDHE_RSA @tab
+The RSA algorithm is used to sign ephemeral elliptic curve Diffie-Hellman
+parameters which are sent to the peer. The key in the certificate must allow
+the key to be used for signing. It also offers perfect forward
+secrecy. That means that even if the private key used for signing is
+compromised, it cannot be used to reveal past session data.
+
+@item DHE_DSS @tab
+The DSA algorithm is used to sign ephemeral Diffie-Hellman parameters
+which are sent to the peer. The certificate must contain DSA
+parameters to use this key exchange algorithm. DSA is the algorithm
+of the Digital Signature Standard (DSS).
+
+@item ECDHE_ECDSA @tab
+The Elliptic curve DSA algorithm is used to sign ephemeral elliptic
+curve Diffie-Hellman parameters which are sent to the peer. The
+certificate must contain ECDSA parameters to use this key exchange
+algorithm.
+
+@end multitable
+@caption{Supported key exchange algorithms.}
+@end float
+
@menu
* X.509 certificates::
* OpenPGP certificates::
* Anonymous credentials::
@end menu
+Each authentication method is associated with a key exchange method, and a credentials type.
+The contents of the credentials is method-dependent, e.g. certificates
+for certificate authentication and should be initialized and associated
+with a session (see @funcref{gnutls_credentials_set}). A mapping of the key exchange methods
+with the credential types is shown in @ref{tab:key-exchange-cred}.
+
+@float Table,tab:key-exchange-cred
+@multitable @columnfractions .25 .25 .2 .2
+
+@headitem Authentication method @tab Key exchange @tab Client credentials @tab Server credentials
+
+@item Certificate
+@tab @code{KX_RSA},
+@code{KX_DHE_RSA},
+@code{KX_DHE_DSS},
+@code{KX_ECDHE_RSA},
+@code{KX_ECDHE_ECDSA},
+@code{KX_RSA_EXPORT}
+@tab @code{CRD_CERTIFICATE}
+@tab @code{CRD_CERTIFICATE}
+
+@item Password and certificate
+@tab @code{KX_SRP_RSA}, @code{KX_SRP_DSS}
+@tab @code{CRD_SRP}
+@tab @code{CRD_CERTIFICATE}, @code{CRD_SRP}
+
+@item Password
+@tab @code{KX_SRP}
+@tab @code{CRD_SRP}
+@tab @code{CRD_SRP}
+
+@item Anonymous
+@tab @code{KX_ANON_DH},
+@code{KX_ANON_ECDH}
+@tab @code{CRD_ANON}
+@tab @code{CRD_ANON}
+
+@item Pre-shared key
+@tab @code{KX_PSK},
+@code{KX_DHE_PSK}, @code{KX_ECDHE_PSK}
+@tab @code{CRD_PSK}
+@tab @code{CRD_PSK}
+
+@end multitable
+@caption{Key exchange algorithms and the corresponding credential types.}
+@end float
+
@node Certificate credentials
@subsection Certificates
@subsubheading Server certificate authentication
@end itemize
-@float Table,tab:key-exchange
-@multitable @columnfractions .2 .7
-
-@headitem Key exchange @tab Description
-
-@item RSA @tab
-The RSA algorithm is used to encrypt a key and send it to the peer.
-The certificate must allow the key to be used for encryption.
-
-@item RSA_EXPORT @tab
-The RSA algorithm is used to encrypt a key and send it to the peer.
-In the EXPORT algorithm, the server signs temporary RSA parameters of
-512 bits --- which are considered weak --- and sends them to the
-client.
-
-@item DHE_RSA @tab
-The RSA algorithm is used to sign ephemeral Diffie-Hellman parameters
-which are sent to the peer. The key in the certificate must allow the
-key to be used for signing. Note that key exchange algorithms which
-use ephemeral Diffie-Hellman parameters, offer perfect forward
-secrecy. That means that even if the private key used for signing is
-compromised, it cannot be used to reveal past session data.
-
-@item ECDHE_RSA @tab
-The RSA algorithm is used to sign ephemeral elliptic curve Diffie-Hellman
-parameters which are sent to the peer. The key in the certificate must allow
-the key to be used for signing. It also offers perfect forward
-secrecy. That means that even if the private key used for signing is
-compromised, it cannot be used to reveal past session data.
-
-@item DHE_DSS @tab
-The DSA algorithm is used to sign ephemeral Diffie-Hellman parameters
-which are sent to the peer. The certificate must contain DSA
-parameters to use this key exchange algorithm. DSA is the algorithm
-of the Digital Signature Standard (DSS).
-
-@item ECDHE_ECDSA @tab
-The Elliptic curve DSA algorithm is used to sign ephemeral elliptic
-curve Diffie-Hellman parameters which are sent to the peer. The
-certificate must contain ECDSA parameters to use this key exchange
-algorithm.
-
-@end multitable
-@caption{Supported key exchange algorithms.}
-@end float
-
-Each authentication method is associated with a key exchange method, shown
-in @ref{tab:key-exchange}, and a credentials type.
-The contents of the credentials is method-dependent, e.g. certificates
-for certificate authentication and should be initialized and associated
-with a session (see @funcref{gnutls_credentials_set}). A mapping of the key exchange methods
-with the credential types is shown in @ref{tab:key-exchange-cred}.
-
-@float Table,tab:key-exchange-cred
-@multitable @columnfractions .25 .25 .2 .2
-
-@headitem Authentication method @tab Key exchange @tab Client credentials @tab Server credentials
-
-@item Certificate
-@tab @code{KX_RSA},
-@code{KX_DHE_RSA},
-@code{KX_DHE_DSS},
-@code{KX_ECDHE_RSA},
-@code{KX_ECDHE_ECDSA},
-@code{KX_RSA_EXPORT}
-@tab @code{CRD_CERTIFICATE}
-@tab @code{CRD_CERTIFICATE}
-
-@item Password and certificate
-@tab @code{KX_SRP_RSA}, @code{KX_SRP_DSS}
-@tab @code{CRD_SRP}
-@tab @code{CRD_CERTIFICATE}, @code{CRD_SRP}
-
-@item Password
-@tab @code{KX_SRP}
-@tab @code{CRD_SRP}
-@tab @code{CRD_SRP}
-
-@item Anonymous
-@tab @code{KX_ANON_DH},
-@code{KX_ANON_ECDH}
-@tab @code{CRD_ANON}
-@tab @code{CRD_ANON}
-
-@item Pre-shared key
-@tab @code{KX_PSK},
-@code{KX_DHE_PSK}, @code{KX_ECDHE_PSK}
-@tab @code{CRD_PSK}
-@tab @code{CRD_PSK}
-
-@end multitable
-@caption{Key exchange algorithms and the corresponding credential types.}
-@end float
-
-
@node Client Authentication
@subsection Client authentication
@cindex client certificate authentication