aboutsummaryrefslogtreecommitdiffstats
path: root/HOWTO
diff options
context:
space:
mode:
authorAndreas Schultz <[email protected]>2014-01-02 11:33:39 +0100
committerIngela Anderton Andin <[email protected]>2014-01-14 18:31:34 +0100
commitaa198a6556b754bf6abd48a907091d3d57d5cfa0 (patch)
treee407289818fce07eb919e466f40670cf06e7c967 /HOWTO
parent97cf23313999ac4dfb508f9f98ea63a80e6144c9 (diff)
downloadotp-aa198a6556b754bf6abd48a907091d3d57d5cfa0.tar.gz
otp-aa198a6556b754bf6abd48a907091d3d57d5cfa0.tar.bz2
otp-aa198a6556b754bf6abd48a907091d3d57d5cfa0.zip
ssl: fix elliptic curve selection in server mode
The server code erroneously took the list of curves supported by the client from it's own hello extension, effectively breaking curve selection all together. Also the default fallback secp256k1 curve is not supported by all clients. secp256r1 is recommended as part of the NIST Suite B cryptographic suites. The chances are much better that all clients support it, so use that as fallback.
Diffstat (limited to 'HOWTO')
0 files changed, 0 insertions, 0 deletions