Tuesday, August 29, 2017

Re: ECDH

On Tue, Aug 29, 2017 at 6:42 AM, Rupert Gallagher <ruga@protonmail.com>
wrote:
> ... the description is unclear (to me). Is it an improvement on EC
> support in ... httpd? libressl? Is ECDHE still supported? I do not want
> automatic selection of the curve. Not all curves are safe, and I need to
> select them.
>
> Sent from ProtonMail Mobile
>
> On Tue, Aug 29, 2017 at 3:23 PM, Rupert Gallagher <ruga@protonmail.com> wrote:
>
>>> Clean up the EC key/curve configuration handling. We no longer support
>>> ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher
>>> list. As such, permanently enable automatic EC curve selection and
>>> generation, effectively disabling all of the configuration knobs.
>>
>> https://www.tedunangst.com/flak/post/openbsd-changes-of-note-627

The above is jumbled because your mail client is BROKEN and top-posts, even
when replying to your own posts. If it isn't worth your effort to fix
that, it might not be worth the effort of those who might reply to actually
respond.

To answer your questions:
- there was no change to httpd,
- there was a change to libressl,
- Yes, ECDHE is still supported

You state you "do not want automatic selection of the curve". If you are
that invested in the question then you should be reading the full commit
messages sent to the public source-changes@openbsd.org mailing
lists and not just tedu@'s summaries, as he elided much of the commit
message. The full commit message was:

"Clean up the EC key/curve configuration handling.

Over the years OpenSSL grew multiple ways of being able to specify EC keys
(and/or curves) for use with ECDH and ECDHE key exchange. You could specify
a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and
generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via
a callback that was provided with insufficient information
(SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation
of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to
problems (like ECDHE not being enabled) and potential weird configuration
(like being able to do ECDHE without the ephemeral part...).

We no longer support ECDH and ECDHE can be disabled by removing ECDHE
ciphers from the cipher list. As such, permanently enable automatic EC
curve selection and generation, effectively disabling all of the
configuration knobs. The only exception is the
SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous
behaviour by configuring the curve of the given EC key as the only curve
being enabled. Everything else becomes a no-op.

ok beck@ doug@"

So yes, it's possible for a program using the libressl API to configure the
EC used. Whether any given program using libressl actually *does so* is up
to that program, of course.

Philip Guenther
