Questions about secure curves

Jakob Bohm jb-openssl at wisemo.com
Wed Oct 16 11:48:13 UTC 2019


To clarify, Firefox/Mozilla the organization enforces an unexplained
policy of prohibiting all included CAs from issuing any P-521
certificate, thus effectively banning their use on public servers
regardless of technical abilities.

On 15/10/2019 19:02, Mark Hack wrote:
> I believe that Firefox does still support P-521 but Chrome does not.
> Also be aware that if you set server side cipher selection and use
> default curves, that OpenSSL orders the curves weakest to strongest (
> even with @STRENGTH) so you will end up forcing P-256.
>
>
> On Tue, 2019-10-15 at 17:24 +0200, Jakob Bohm via openssl-users wrote:
>> On 15/10/2019 15:43, Stephan Seitz wrote:
>>> Hi!
>>>
>>> I was looking at the output of „openssl ecparam -list_curves” and
>>> trying to choose a curve for the web server together with
>>> letsencrypt.
>>>
>>> It seems, letsencrypt supports prime256v1, secp256r1, and
>>> secp384r1.
>>>
>>> Then I found the site https://safecurves.cr.yp.to/.
>>> I have problems mapping the openssl curves with the curve names
>>> from
>>> the web site, but I have the feeling that none of the choices
>>> above
>>> are safe.
>>>
>> safecurves.cr.yp.to lists some curves that Daniel J. Bernstein
>> (who runs the cr.yp.to domain) wants to promote, and emphasizes
>> problems with many other popular curves.
>>
>> prime256v1 = secp256r1 = P-256 and secp384r1 = P-384 are two curves
>> that the US government (NIST in cooperation with NSA) wants to
>> promote.
>>
>> It so happens that the CA/Browser forum has mysteriously decided
>> that the big (US made) web browsers should only trust CAs that
>> only accept curves that the US government promotes.  So if you
>> want your SSL/TLS implementation to work with widely distributed
>> US Browsers (Chrome, Safari, Firefox, IE, Edge etc.) you have to
>> use the US government curves P-256 and P-384 .  The third US
>> governmentcurve P-521 is banned by Firefox, so no trusted CA can
>> support it.
>>

Enjoy

Jakob
-- 
Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2860 Soborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded



More information about the openssl-users mailing list