----- Original Message ----- > On Mon, Nov 25, 2013 at 08:22:35AM +0000, Igor Galić wrote: > > > > > and for stud: > > > > > > https://github.com/bumptech/stud/pull/61/files > > > > Wow. That's bad. That looks specifically for the *bad* NSA curve constants > > before initializing the ec code. That's not something I'd rely on, since > > not even NIST is any more. > > Are there any other relevant curve constants that's usable? Looks to me > like everyone is using NIST P-384 or NIST P-256, and these are the only > once available as named curves in my openssl library. > > $ openssl ecparam -list_curves > secp384r1 : NIST/SECG curve over a 384 bit prime field > prime256v1: X9.62/SECG curve over a 256 bit prime field
igalic@levix ~ % openssl ecparam -list_curves | grep -c : 67 igalic@levix ~ % openssl version OpenSSL 1.0.1e 11 Feb 2013 igalic@levix ~ % > BTW: James Peach has already come up with a patch implementing the ECDHE > ciphers using NIST P-256, so now my test server is forward secret for > most clients: > > https://www.ssllabs.com/ssltest/analyze.html?d=dibs.tanso.net > > > -jf > -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: [email protected] URL: http://brainsware.org/ GPG: 8716 7A9F 989B ABD5 100F 4008 F266 55D6 2998 1641
