Re: Limiting EC curves in ClientHello

2012-03-05 Thread Bodo Moeller
On Thu, Mar 1, 2012 at 11:28 PM, Erik Tkal wrote: > So then the question is will this be addressed in 1.0.1 or later? > Probably a bit later. Bodo

Re: Limiting EC curves in ClientHello

2012-03-01 Thread Erik Tkal
So then the question is will this be addressed in 1.0.1 or later? Erik Tkal et...@me.com On Mar 1, 2012, at 5:35 PM, Bodo Moeller wrote: > On Thu, Mar 1, 2012 at 4:06 PM, Erik Tkal wrote: > > You mentioned previously that you can get it to specify none o

Re: Limiting EC curves in ClientHello

2012-03-01 Thread Bodo Moeller
On Thu, Mar 1, 2012 at 4:06 PM, Erik Tkal wrote: You mentioned previously that you can get it to specify none or one curve? > I don’t see how you would specify this, as it appears the client hello > preparation adds all of them is any EC cipher suite is specified? > Oh, sorry, you are right. Set

RE: Limiting EC curves in ClientHello

2012-03-01 Thread Erik Tkal
pment From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Bodo Moeller Sent: Thursday, March 01, 2012 11:52 AM To: openssl-dev@openssl.org Subject: Re: Limiting EC curves in ClientHello On Thu, Mar 1, 2012 at 11:16 AM, Erik Tkal mailto:et...@juniper.net>&g

Re: Limiting EC curves in ClientHello

2012-03-01 Thread Bodo Moeller
On Thu, Mar 1, 2012 at 11:16 AM, Erik Tkal wrote: > I looked around and found RFC 5430 - Suite B Profile for Transport Layer > Security (TLS), which states: > > RFC 4492 defines a variety of elliptic curves. For cipher suites > defined in this specification, only secp256r1(23) or secp384r1(2

Re: Limiting EC curves in ClientHello

2012-03-01 Thread Erik Tkal
To: "openssl-dev@openssl.org<mailto:openssl-dev@openssl.org>" mailto:openssl-dev@openssl.org>> Date: Wed, 29 Feb 2012 18:52:11 -0500 To: "openssl-dev@openssl.org<mailto:openssl-dev@openssl.org>" mailto:openssl-dev@openssl.org>> Subject: Re: Limiting EC c

Re: Limiting EC curves in ClientHello

2012-02-29 Thread Bodo Moeller
> It appears there is no way to specify that only a subset should be used? > Yes, this is a know deficiency in the current code. I'm more familiar with the server side, but I think it's similar: if you set up *one* curve, then negotiation should happen accordingly; if you use a callback to provide

Limiting EC curves in ClientHello

2012-02-29 Thread Erik Tkal
In t1_lib.c if any EC Cipher Suites are specified then TLS extensions are generated that indicate the client supports all three point compression formats and all 25 curves (I noticed the order changes between 1.0.0 and 1.0.1). It appears there is no way to specify that only a subset should be us