[jira] [Created] (TS-2392) Enable elliptic curve ciphers to support forward secrecy

Jan-Frode Myklebust (JIRA) Sun, 24 Nov 2013 14:52:23 -0800

Jan-Frode Myklebust created TS-2392:
---------------------------------------


             Summary: Enable elliptic curve ciphers to support forward secrecy
                 Key: TS-2392
                 URL: https://issues.apache.org/jira/browse/TS-2392
             Project: Traffic Server
          Issue Type: Improvement
          Components: Core
            Reporter: Jan-Frode Myklebust


ATS does not seem to support the elliptic curve diffie hellman ephemeral key 
exchanges (ECDH)  that are available in openssl. It seems these needs to be 
enabled explicitly to take advantage of them. Ref: the following commit for how 
this support was added to apache httpd v2.3.3:

http://mail-archives.apache.org/mod_mbox/httpd-cvs/200911.mbox/%[email protected]%3E

and for stud:

https://github.com/bumptech/stud/pull/61/files

Maybe both a DH key exchange needs to be set up, and then the various elliptic 
curves needs to be initialized..?




--
This message was sent by Atlassian JIRA
(v6.1#6144)

[jira] [Created] (TS-2392) Enable elliptic curve ciphers to support forward secrecy

Reply via email to