[Ach] preference of curves in ECC - ECDSA, ECDH

Aaron Zauner azet at azet.org
Sun Mar 9 19:59:36 CET 2014


Julien Vehent wrote:
> afaik, the only curve that's supported across the board in web browsers,
> is NIST P256.
Yes. This is a big issue, and I'm unsure if we can even talk about
blacklisting stuff before TLS 1.3 gets finished and deployed in browsers
(which, realistically, will not before the end of the decade). It took
TLS 1.2 six years.

But TLS is not limited to browsers and http daemons.

> I don't think NSS (Firefox & Chrome) supports anything else than P256,
> P384 and P512.
Chrome does - but they manage their own NSS tree :)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140309/340485d1/attachment.sig>

More information about the Ach mailing list