> From: owner-openssl-us...@openssl.org On Behalf Of Francis GASCHET > Sent: Wednesday, September 17, 2014 13:35
> We use openSSL in OFTP2 implementation. The OFTP2 working group > decided > to strongly recommend to use preferably the cipher suites including PFS > (ephemeral Diffie Hellman). <snip> To date*, in order to agree a DH-ephemeral or ECDH-ephemeral suite, the server must be configured with "temporary" DH/ECDH parameters: https://www.openssl.org/docs/ssl/SSL_CTX_set_tmp_dh_callback.html tmp_ecdh* is similar but has no manpage. Is it? For ECDHE, the temporary parameters must be a curve allowed by the client's list of supported curves. For openssl clients (except RedHat) all standard "named" curves are allowed, but other clients may differ. P-256 and P-384, and maybe P-521, seem to be most widely supported, and therefore probably the best choices in general. * 1.0.2 is expected to have some more convenient options in this area. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org