You can’t use arbitrary curves with certificates, only those which are standardized because the CA will not implement anything which isn’t unambiguously defined in a standard with support by clients.
Comment on Mathematician warns US spies may be weakening next-gen encryption
ryannathans@aussie.zone 1 year ago
Yeah you can observe this with letsencrypt failing to generate a certificate if you change the elliptic curve from an NSA generated curve to a generic/known safe one. Forces all signed certificates to use curves that are known to have issues, deliberate or otherwise.
Natanael@slrpnk.net 1 year ago
ryannathans@aussie.zone 1 year ago
My point is that there is a documented listed of supported curves for ECDSA but attempting to use any other safe curve in the list results in a failure. I am not trying to use some arbitrary curve.
If your point is that no safe curve is permitted because the powers that be don’t permit it, TLS is doomed.
eff-certbot.readthedocs.io/en/latest/using.html#u…
The default is a curve widely believed to be unsafe, p256, with no functioning safe alternative.
That’s Bernstein’s website if anyone was wondering
Natanael@slrpnk.net 1 year ago
I run a cryptography forum, I know this stuff, and the problem isn’t algorithmic weakness but complexity of implementation.
All major browsers and similar networking libraries now have safe implementations after experts have taken great care to handle the edge cases.
It’s not a fault with let’s encrypt. If they allowed nonstandard curves then almost nothing would be compatible with it, even the libraries which technically have the code for it because anything not in the TLS spec is disabled.
…stackexchange.com/…/can-custom-elliptic-curves-b…
cabforum.org/baseline-requirements-certificate-co…
CAB is the consortium of Certificate Authorities (TLS x509 certificate issuers)
ryannathans@aussie.zone 1 year ago
Tldr would be that there are no safe ECC curves in TLS? Yet
possiblylinux127@lemmy.zip 1 year ago
That’s worrying
ryannathans@aussie.zone 1 year ago
possiblylinux127@lemmy.zip 1 year ago
Thanks, I am extremely skeptical and I might just reach out to let’s encrypt for clarification
saddlebag@lemmy.world 1 year ago
Can you elaborate on this? Which curves does it happen with? Is there some source that you’ve seen?
ryannathans@aussie.zone 1 year ago
aussie.zone/comment/3519526