Feature #901
Elliptic Curve Cryptography
| Status: | New | Start: | ||
| Priority: | Normal | Due date: | ||
| Assigned to: | jan | % Done: | 0% |
|
| Category: | core | |||
| Target version: | - | |||
| Pending: | Resolution: | |||
Description
Elliptic Curve Cryptography is a set of cipher suites supported in newer versions of OpenSSL. A major advantage is that ECC uses smaller key sizes (that provide the same security as much larger keysizes associated with RSA and DH), which means it's faster. Lighty can start up with an ECC signed certificate, and clients recieve the certificate, but beyond that, they can't seem to negotiate anything. When I used ssl.cipher-list to specify any of the ECC ciphers, lighty choked on startup. ECC support would make an excellent addition to lighty.
-- justin