ECC cipher suites
ueno at unixuser.org
Thu Aug 27 13:29:18 CEST 2009
>>>>> In <87eiqzedlg.fsf at mocca.josefsson.org>
>>>>> Simon Josefsson <simon at josefsson.org> wrote:
> > I looked at the feature comparison table of TLS libraries and noticed
> > that GnuTLS still lacks ECC support:
> > http://www.gnu.org/software/gnutls/comparison.html
> > Is anyone working on this? Otherwise, I would like to give it a try.
> Nobody is working on it, but there are patent issues with ECC that has
> to be resolved. To avoid wasting time, we may want to approach the FSF
> and the SFLC first to get a better understanding of what's involved here
> (I've been deferring this since nobody has expressed interest in ECC).
Good to know before stepping into further. I hope that the situation
will change in the near future.
> Finishing the TLS 1.2 support and adding the new cipher suites is a
> high-priority task and it shouldn't be too difficult since there are TLS
> 1.2 test servers out there to test with.
Thanks for the hint. I'll check which features of TLS 1.2 are not
implemented. Adding HMAC-SHA256 cipher suites looks one thing to do.
More information about the Gcrypt-devel