@section Anonymous authentication
@cindex anonymous authentication
-The anonymous key exchange performs encryption but there is no
-indication of the identity of the peer. This kind of authentication
-is vulnerable to a man in the middle attack, but this protocol can be
-used even if there is no prior communication and trusted parties with
-the peer, or when full anonymity is required. Unless really required,
-do not use anonymous authentication. Available key exchange methods
-are shown below.
+The anonymous key exchange offers encryption without any
+indication of the peer's identity. This kind of authentication
+is vulnerable to a man in the middle attack, but can be
+used even if there is no prior communication or shared trusted parties
+with the peer. Moreover it is useful when complete anonymity is required.
+Unless in one of the above cases, do not use anonymous authentication.
Note that the key exchange methods for anonymous authentication
require Diffie-Hellman parameters to be generated by the server and
@showfuncD{gnutls_anon_allocate_server_credentials,gnutls_anon_allocate_client_credentials,gnutls_anon_free_server_credentials,gnutls_anon_free_client_credentials}
-The supported anonymous key exchange algorithms are:
+The available key exchange algorithms for anonymous authentication are
+shown below.
@table @code