[Ach] preference of curves in ECC - ECDSA, ECDH

Pepi Zawodsky pepi.zawodsky at maclemon.at
Sun Mar 9 20:25:55 CET 2014


On 09.03.2014, at 19:52, Julien Vehent <julien at linuxwall.info> wrote:
> afaik, the only curve that's supported across the board in web browsers, is NIST P256.
Actually secp256r1 and secp384r1 are supported in all clients that do ECC.
secp521r1 is available in many clients. (Safari [567] on iOS and OS X, Firefox 2[4567], OperaNext 20, TorBrowser 3.5.2.1, Chromium 3[123], Java [78] for sure, not comprehensive.)

The usual exceptions to secp521r1 support are IE (8|9|10|11), which only support secp256r1 and secp384r1.

I'm not sure about Android browsers and don't have equipment to check. Somebody please chime in!

You can check ECC support for any client by visiting:
https://www.ssllabs.com/ssltest/viewMyClient.html

So if we can really specify a list of ECC curves via OpenSSL, that would open a whole bunch of curves we can support server side. We'll need to test this of course.

Best regards
Pepi
PS: Would be great to have Android foo in the handshake simulations at SSLLabs as well. Should I poke Ivan Ristić?
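
Added example, not part of the original message: a sketch of how a server-side curve list interacts with the client support described above. It parses the body of a ClientHello elliptic_curves extension and picks the first curve in a server preference list that the client offers. The preference order, the server-preference selection rule and the sample extension bytes are assumptions constructed for illustration.

```python
import struct

# IANA TLS named-curve ids for the three curves named in the message.
NAMED_CURVES = {23: "secp256r1", 24: "secp384r1", 25: "secp521r1"}


def parse_supported_curves(ext_data):
    """Parse the body of a ClientHello elliptic_curves extension (type 10).

    Layout (RFC 4492): 2-byte list length, then one 2-byte id per curve.
    Unknown ids are reported as 'unknown(0x....)' rather than dropped.
    """
    if len(ext_data) < 2:
        raise ValueError("extension body too short")
    (list_len,) = struct.unpack("!H", ext_data[:2])
    body = ext_data[2:]
    if list_len != len(body) or list_len % 2:
        raise ValueError("malformed curve list length")
    ids = struct.unpack("!%dH" % (list_len // 2), body)
    return [NAMED_CURVES.get(i, "unknown(0x%04x)" % i) for i in ids]


def select_curve(server_pref, client_curves):
    """Return the first server-preferred curve the client offers, else None."""
    offered = set(client_curves)
    for curve in server_pref:
        if curve in offered:
            return curve
    return None  # no common curve: ECDHE suites cannot be negotiated


# Hypothetical server preference order (assumption, not from the message).
SERVER_PREF = ["secp521r1", "secp384r1", "secp256r1"]

# Constructed extension bodies, not captured traffic.
CLIENT_P256_P384 = bytes.fromhex("0004" "0017" "0018")  # the IE-style case
CLIENT_ALL_THREE = bytes.fromhex("0006" "0017" "0018" "0019")
CLIENT_OTHER_ONLY = bytes.fromhex("0002" "001a")  # id not in the table above

if __name__ == "__main__":
    samples = [("p256+p384", CLIENT_P256_P384),
               ("all three", CLIENT_ALL_THREE),
               ("other only", CLIENT_OTHER_ONLY)]
    for name, raw in samples:
        curves = parse_supported_curves(raw)
        print(name, curves, "->", select_curve(SERVER_PREF, curves))
```

With this preference order, a client that offers only secp256r1 and secp384r1 lands on secp384r1, while a client with no curve in common gets no ECDHE suite at all.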