Re: Limiting EC curves in ClientHello

2012-03-05 Thread Bodo Moeller
On Thu, Mar 1, 2012 at 11:28 PM, Erik Tkal et...@me.com wrote: So then the question is will this be addressed in 1.0.1 or later? Probably a bit later. Bodo

Re: Limiting EC curves in ClientHello

2012-03-01 Thread Erik Tkal
-To: openssl-dev@openssl.orgmailto:openssl-dev@openssl.org openssl-dev@openssl.orgmailto:openssl-dev@openssl.org Date: Wed, 29 Feb 2012 18:52:11 -0500 To: openssl-dev@openssl.orgmailto:openssl-dev@openssl.org openssl-dev@openssl.orgmailto:openssl-dev@openssl.org Subject: Re: Limiting EC curves

Re: Limiting EC curves in ClientHello

2012-03-01 Thread Bodo Moeller
On Thu, Mar 1, 2012 at 11:16 AM, Erik Tkal et...@juniper.net wrote: I looked around and found RFC 5430 - Suite B Profile for Transport Layer Security (TLS), which states: RFC 4492 defines a variety of elliptic curves. For cipher suites defined in this specification, only secp256r1(23)

RE: Limiting EC curves in ClientHello

2012-03-01 Thread Erik Tkal
From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Bodo Moeller Sent: Thursday, March 01, 2012 11:52 AM To: openssl-dev@openssl.org Subject: Re: Limiting EC curves in ClientHello On Thu, Mar 1, 2012 at 11:16 AM, Erik Tkal et...@juniper.netmailto:et

Re: Limiting EC curves in ClientHello

2012-03-01 Thread Bodo Moeller
On Thu, Mar 1, 2012 at 4:06 PM, Erik Tkal et...@juniper.net wrote: You mentioned previously that you can get it to specify none or one curve? I don’t see how you would specify this, as it appears the client hello preparation adds all of them is any EC cipher suite is specified? Oh, sorry, you

Re: Limiting EC curves in ClientHello

2012-03-01 Thread Erik Tkal
So then the question is will this be addressed in 1.0.1 or later? Erik Tkal et...@me.com On Mar 1, 2012, at 5:35 PM, Bodo Moeller wrote: On Thu, Mar 1, 2012 at 4:06 PM, Erik Tkal et...@juniper.net wrote: You mentioned previously that you can get it to

Limiting EC curves in ClientHello

2012-02-29 Thread Erik Tkal
In t1_lib.c if any EC Cipher Suites are specified then TLS extensions are generated that indicate the client supports all three point compression formats and all 25 curves (I noticed the order changes between 1.0.0 and 1.0.1). It appears there is no way to specify that only a subset should be

Re: Limiting EC curves in ClientHello

2012-02-29 Thread Bodo Moeller
It appears there is no way to specify that only a subset should be used? Yes, this is a know deficiency in the current code. I'm more familiar with the server side, but I think it's similar: if you set up *one* curve, then negotiation should happen accordingly; if you use a callback to provide