On Thu, May 16, 2013, Johannes Bauer wrote: > On 15.05.2013 23:05, Dr. Stephen Henson wrote: > > On Wed, May 15, 2013, Johannes Bauer wrote: > > > >> > >> Does this mean that communication with TLS1.2 with curves other than the > >> SEC-curves has actually never worked with OpenSSL (because it couldn't > >> have worked as this would require the explicit curve type why doesn't > >> appear to be implemented as of now)? Or is there some workaround through > >> which I could get it to run? > >> > > > > Yes that's correct. At present the explicit curve type isn't supported. > > Oh no. :-( > > Is it anywhere near on the roadmap (so I could sit it out) or is this > nothing that's of particular interest to OpenSSL development? Any way I > could contribute in pushing this forward (i.e. is it just some fixes > here and there in the codebase or does it require major effort)? >
I've not looked at it in any detail but it looks like it will be a considerableeffort to implement. Another problem is that AFAIK explicit curve isn't very widely implemented: are you aware of any existing implementations which could be used for interop testing? Support probably will be added to OpenSSL at some point but I can't give a precise timescale. It will be at least OpenSSL 1.0.2. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org