Alon Bar-Lev wrote:
On Tue, Nov 12, 2013 at 3:51 PM, Jan Just Keijser <janj...@nikhef.nl> wrote:
Alon Bar-Lev wrote:
On Tue, Nov 12, 2013 at 1:37 PM, Jan Just Keijser <janj...@nikhef.nl> wrote:
there was actually a follow-up to this patch, which was sent to the
openvpn-devel list on Feb 7th 2012:
Added support for Elliptic curves (ECDSA) + SHA2 family signed
certificates.
Great!
And what is the status?
it was not included as this patch does not provide full Elliptic curve (EC)
support - it only allows a user to use ECDSA+SHA2 signed certs, nothing more
, nothing less. The Control Channel will use ECDSA, the data channel is
still encrypted and signed using AES and SHA1/SHA2.
JJK
But this is progress compared to current inability to use EC
certificates at all, right?
correct , although you can currently use EC certs with SHA1 signing -
just not with SHA2 signing.
JJK
