On Mon, Nov 25, 2013 at 08:22:35AM +0000, Igor Galić wrote:
>
> > and for stud:
> >
> > https://github.com/bumptech/stud/pull/61/files
>
> Wow. That's bad. That looks specifically for the *bad* NSA curve constants
> before initializing the ec code. That's not something I'd rely on, since
> not even NIST is any more.

Are there any other relevant curve constants that are usable? Looks to me
like everyone is using NIST P-384 or NIST P-256, and these are the only
ones available as named curves in my openssl library.

$ openssl ecparam -list_curves
secp384r1 : NIST/SECG curve over a 384 bit prime field
prime256v1: X9.62/SECG curve over a 256 bit prime field

BTW: James Peach has already come up with a patch implementing the ECDHE
ciphers using NIST P-256, so now my test server is forward secret for
most clients:

https://www.ssllabs.com/ssltest/analyze.html?d=dibs.tanso.net

-jf