[openssl-dev] X25519 is the default curve for ECDHE in OpenSSL 1.1.0
Salz, Rich
rsalz at akamai.com
Sat Sep 17 14:35:20 UTC 2016
> When we added X25519 to BoringSSL, we at the same time started made the server require clients supply a curve list (and otherwise we'd just pick a non-ECDHE cipher), because of this issue. That went in back in December 2015 and it's been running just fine. I'd recommend OpenSSL do the same.
In other words: only use ECDHE if client specifies a curve list. WFM.
More information about the openssl-dev
mailing list