[openssl-users] Curves and ECDHParameters

Viktor Dukhovni openssl-users at dukhovni.org
Tue Sep 11 22:20:03 UTC 2018


> On Sep 11, 2018, at 4:55 PM, Joseph Christopher Sible <jcsible at cert.org> wrote:
> 
> What exactly are each of "Curves" and "ECDHParameters" used for, as
> documented by https://www.openssl.org/docs/man1.0.2/ssl/SSL_CONF_cmd.html?

The documentation of OpenSSL 1.1.x does not mention "ECDHParameters",
only "Curves" is documented as a synonym of "Groups".

The 1.0.2 documentation for "ECDHParameters" explains that this is
server-side setting to select a particular *fixed* ECDHE curve.
This is a legacy feature that predates negotiation of the curve
used based on the client's extension.

-- 
	Viktor.



More information about the openssl-users mailing list