Kurt,

> Please note that for key exchange it's X25519. Ed25519 is for 
> authentication.

thanks again for the valuable hint.

In the meantime, I have downloaded and compiled OpenSSL 1.1.0c for my web 
server. According to the following and many other articles, OpenSSL 1.1.x 
should support ed25519 / x25519:

https://certsimple.com/blog/safe-curves-and-openssl

But if I do ./openssl ecparam -list_curves, I indeed get a long list of 
supported curves, but no 25519 and no 448 among them. Did they remove it again 
in the newest version for some reason?

Please apologize if I am going off-topic - this question is probably for the 
OpenSSL mailing list, but on the other hand, it fits perfectly into the 
discussion here ...

Regards,

Binarus
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to