[openssl-dev] [openssl.org #3138] 80-bit Elliptic Curves with !MEDIUM !LOW !EXP cipher list
Emilia Käsper via RT
rt at openssl.org
Thu Oct 15 15:19:26 UTC 2015
Curves aren't negotiated with the ciphersuite, but rather via a separate
extension. Since OpenSSL 1.0.2, there are
SSL_CTX_set1_curves and SSL_CTX_set1_curves_list to configure supported curves:
https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_set_ecdh_auto.html
OpenSSL 1.1 also has a security levels API in the works to make this sort of
configuration easier.
More information about the openssl-dev
mailing list