Closed Bug 1236760 Opened 8 years ago Closed 7 years ago

Change ECC curve selection in libssl

Categories

(NSS :: Libraries, defect, P3)

defect

Tracking

(firefox46 affected)

RESOLVED DUPLICATE of bug 1296303
Tracking Status
firefox46 --- affected

People

(Reporter: mt, Unassigned)

Details

The current logic is a little torrid, attempting to classify the strength of the server certificate and then set that as a minimum strength on the key exchange curve.  This need not be so hard.  Have a list of curves and pick the first that works.  If someone with an 8192-bit RSA certificate doesn't want P-256, then they can turn P-256 off.
Priority: -- → P3
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.