On Fri, Nov 20, 2020 at 08:43:59AM -0800, Skip Carter wrote:
> I am sure this in the documentation somewhere; but where ?
>
> What are the preferred ECDH curves for a given keysize ? Which curves
> are considered obsolete/deprecated/untrustworthy ?
Is this a general question about industry
Those "rigid curves" that will be used in the future - future how distant, and
for how long?
Regards,
Uri
> On Nov 20, 2020, at 13:54, Phillip Hallam-Baker wrote:
>
smime.p7s
Description: S/MIME cryptographic signature
There are currently two sets of preferred curves.
CABForum approved use of the NIST curves from Suite B at 384 bits (and
521??) several years ago. Those are currently the only curves for which
FIPS-140 certified HSMs are currently available and thus the only ones that
can be supported by WebPKI
> From: openssl-users On Behalf Of Skip
> Carter
> Sent: Friday, 20 November, 2020 09:44
>
> What are the preferred ECDH curves for a given keysize ? Which curves
> are considered obsolete/deprecated/untrustworthy ?
For TLSv1.3, this is easy. RFC 8446 B.3.1.4 only allows the following:
