- Clarify ECDH decription in release notes.
- Fix default value - it's 'prime256v1'.
- List curves with good cross-platform support explicitly
(NIST P-256 / P-384 / P-521).
The -list_curves output is full of garbage, it's hard to know which
ones make sense to use. Only those three curves are supported
cross-platform - OpenSSL/Java/Windows - so list them explicitly.
Only reason to tune this value is changing overall security
level up/down, so now this can be done safely and quickly.
Only upwards though. We could also list here NIST P-192/P-224
(prime192v1, secp224r1), but those are not supported by Windows.
And prime256v1 is quite fast already.
In the future it might make philosophical sense to list
also Brainpool curves (RFC7027), or some new curves from
http://safecurves.cr.yp.to/ when they are brought to TLS.
But currently only NIST/NSA curves are working option,
so let's keep it simple for users.
--
marko
diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index d9e5985..4a666d0 100644
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -1020,13 +1020,23 @@ include 'filename'
</term>
<listitem>
<para>
- Specifies the name of the curve to use in ECDH key exchanges. The
- default is <literal>prime256p1</>.
+ Specifies the name of the curve to use in ECDH key exchange.
+ It needs to be supported by all clients that connect.
+ It does not need to be same curve as used by server's
+ Elliptic Curve key. The default is <literal>prime256v1</>.
</para>
<para>
- The list of available curves can be shown with the command
- <literal>openssl ecparam -list_curves</literal>.
+ OpenSSL names for most common curves:
+ <literal>prime256v1</> (NIST P-256),
+ <literal>secp384r1</> (NIST P-384),
+ <literal>secp521r1</> (NIST P-521).
+ </para>
+
+ <para>
+ The full list of available curves can be shown with the command
+ <literal>openssl ecparam -list_curves</literal>. Not all of them
+ are usable in TLS though.
</para>
</listitem>
</varlistentry>
diff --git a/doc/src/sgml/release-9.4.sgml b/doc/src/sgml/release-9.4.sgml
index 3070d0b..7c6fb8f 100644
--- a/doc/src/sgml/release-9.4.sgml
+++ b/doc/src/sgml/release-9.4.sgml
@@ -603,17 +603,23 @@
</para>
<para>
- Such keys are faster and have improved security over previous
- options. The new configuration
- parameter <link linkend="guc-ssl-ecdh-curve"><varname>ssl_ecdh_curve</></link>
- controls which curve is used.
+ This allows use of Elliptic Curve keys for server authentication.
+ Such keys are faster and have improved security over RSA keys.
+ Also it makes RSA keys perform slightly faster, as ECDHE-RSA key
+ exchange will be used over DHE-RSA if both sides support it.
+ </para>
+
+ <para>
+ The new configuration parameter
+ <link linkend="guc-ssl-ecdh-curve"><varname>ssl_ecdh_curve</></link>
+ controls which curve is used for ECDH.
</para>
</listitem>
<listitem>
<para>
Improve the default <link
- linkend="guc-ssl-ciphers"><varname>ssl_ciphers</></link> ciphers
+ linkend="guc-ssl-ciphers"><varname>ssl_ciphers</></link> value
(Marko Kreen)
</para>
</listitem>
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
