On 01/01/2014 03:45 PM, Kurt Roeckx wrote:
> Hi,
>
> I recently ran into this:
> http://safecurves.cr.yp.to/
>
> It seems that openssl doesn't support any of the curves that are
> listed there as safe.
>
> At least the curve 25519 is popular and has a draft for using it
> in TLS. Would it be possible to add at least support for that
> curve?

I think you're referring to Simon Josefsson's draft:

https://tools.ietf.org/html/draft-josefsson-tls-curve25519-01

IIRC, the discussion about that draft over on t...@ietf.org got a bit bogged down in the details of how to represent the points for this curve and other similar curves (e.g. curve3617). See, for example:

https://www.ietf.org/mail-archive/web/tls/current/msg10284.html

If we could hash out those details (maybe restarting that conversation over on t...@ietf.org with a concrete proposal), I'd agree that implementing these curves for OpenSSL (at least for ECDHE, if not for PKIX) would be a Good Thing.

Perhaps a patchset that implements it in one specific way, along with an update to Josefsson's draft clarifying the approach, would be the most useful next step, just so people have something concrete to consider.

Regards,

--dkg