On Sun, May 25, 2014 at 11:39 AM, Viktor Dukhovni
<openssl-us...@dukhovni.org> wrote:
> On Sun, May 25, 2014 at 11:28:04AM -0400, Jeffrey Walton wrote:
>
>> > sip_trp_ssl_ctx = SSL_CTX_new( TLSv1_method() );
>> > if ( sip_trp_ssl_ctx == NULL ) {
>> > ERROR("FI_init_ssl_context: SSL_CTX_new with TLSv1_method failed");
>> > return SSL_INIT_ERROR;
>> > }
>>
>> Well, EC support was added to SSL/TLS at TLS 1.2.
>
> That's not the case. ECDSA and ECDHE predate TLSv1.2. Full support
> for EC in OpenSSL starts in OpenSSL 1.0.0, while support for TLSv1.2
> was added in 1.0.1 IIRC.
>
Indeed. RFC 4492 (ECC for TLS) from May 2006 states it applies to TLS
1.0 and above.
My bad.
Jeff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
