Return-Path: 
 <users-return-3580-apmail-trafficserver-users-archive=trafficserver.apache.org@trafficserver.apache.org>
X-Original-To: apmail-trafficserver-users-archive@www.apache.org
Delivered-To: apmail-trafficserver-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id CE00210BB3
	for <apmail-trafficserver-users-archive@www.apache.org>;
 Mon, 25 Nov 2013 23:27:20 +0000 (UTC)
Received: (qmail 14442 invoked by uid 500); 25 Nov 2013 23:27:20 -0000
Delivered-To: apmail-trafficserver-users-archive@trafficserver.apache.org
Received: (qmail 14383 invoked by uid 500); 25 Nov 2013 23:27:20 -0000
Mailing-List: contact users-help@trafficserver.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@trafficserver.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@trafficserver.apache.org>
List-Post: <mailto:users@trafficserver.apache.org>
List-Id: <users.trafficserver.apache.org>
Reply-To: users@trafficserver.apache.org
Delivered-To: mailing list users@trafficserver.apache.org
Received: (qmail 14375 invoked by uid 99); 25 Nov 2013 23:27:20 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 25 Nov 2013 23:27:20 +0000
X-ASF-Spam-Status: No, hits=-0.7 required=5.0
	tests=RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: local policy includes SPF record at
 spf.trusted-forwarder.org)
Received: from [209.85.212.181] (HELO mail-wi0-f181.google.com)
 (209.85.212.181)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 25 Nov 2013 23:27:16 +0000
Received: by mail-wi0-f181.google.com with SMTP id hq4so4819468wib.8
        for <users@trafficserver.apache.org>;
 Mon, 25 Nov 2013 15:26:54 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-type:content-disposition
         :content-transfer-encoding:in-reply-to:user-agent;
        bh=qMb1u6GxpVNmuRUgIN56/k/FdDHk/sqmZEngO3scrsA=;
        b=f4h+fhKbCi/pqm1zsitEyJA3KTJm4ZA5D2p8FIIPMU8eUB//omcsVFw/61Hu+ENdHy
         wotrU/mCDqoajINY9h5XSrT1b0bIJx9RI21ZUnQ1cUgSNGW9eAe4aukgvAuhbQPk4iob
         6JMTCNDK68yrbolh9TYe2MfFdqDsoXepdvAttPDFexwCp4Um9Hoz5PiC8xZo665250Nv
         NJml/qvpe+yu+tSvX6JZpPHkHrnq8jFA7qDfutiL2drhdn0OffCxX8WgPMtef79X7Wr8
         Dal9G1AkZpY1Apg6gmt+O1zkR+5BpHY0ElAF88Qdpk1z7tK+JhuexEOFHFmbTS007xfe
         L6GA==
X-Gm-Message-State: 
 ALoCoQmIRoIaT9ecS5iuZKgbXi+TmXhp2MSDEDoK51YgQVxBvQREVz9JSjI7aUltRby3UqG4DEC5
X-Received: by 10.194.240.197 with SMTP id wc5mr24978935wjc.23.1385422014744;
        Mon, 25 Nov 2013 15:26:54 -0800 (PST)
Received: from mushkin.tanso.net ([2a01:79d:469d:b5e0:6e88:14ff:fe36:9a80])
        by mx.google.com with ESMTPSA id
 je17sm54338867wic.4.2013.11.25.15.26.53
        for <multiple recipients>
        (version=TLSv1.2 cipher=AES128-GCM-SHA256 bits=128/128);
        Mon, 25 Nov 2013 15:26:53 -0800 (PST)
Received: from mushkin.tanso.net (localhost [127.0.0.1])
	by mushkin.tanso.net (8.14.7/8.14.7) with ESMTP id rAPNQqvT009060;
	Tue, 26 Nov 2013 00:26:52 +0100
Received: (from janfrode@localhost)
	by mushkin.tanso.net (8.14.7/8.14.7/Submit) id rAPNQpl8009059;
	Tue, 26 Nov 2013 00:26:51 +0100
X-Authentication-Warning: mushkin.tanso.net: janfrode set sender to
 janfrode@tanso.net using -f
Date: Tue, 26 Nov 2013 00:26:51 +0100
From: Jan-Frode Myklebust <janfrode@tanso.net>
To: Igor =?utf-8?B?R2FsacSH?= <i.galic@brainsware.org>
Cc: users@trafficserver.apache.org
Subject: Re: Forward Secrecy ?
Message-ID: <20131125232651.GA6329@mushkin.tanso.net>
References: <20131124144749.GA14763@mushkin.tanso.net>
 <4237E9EB-B046-4F54-B709-EEC5D7A66D96@apache.org>
 <20131124185534.GA27235@mushkin.tanso.net>
 <20131124225224.GA9741@mushkin.tanso.net>
 <1578796287.249007.1385367755846.JavaMail.zimbra@brainsware.org>
 <20131125090211.GB9666@mushkin.tanso.net>
 <6CCE0E9A-344F-4BD3-893D-920AFA90B4FE@apache.org>
 <436797639.253119.1385419662916.JavaMail.zimbra@brainsware.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <436797639.253119.1385419662916.JavaMail.zimbra@brainsware.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Virus-Checked: Checked by ClamAV on apache.org

On Mon, Nov 25, 2013 at 10:47:42PM +0000, Igor Galić wrote:
> 
> Every curve that comes from J. A. Solinas I would declare on the simple
> basis that they work for the NSA as untrustworthy, no matter whether
> these constants are good or bad or NIST recommended and in an RFC simply
> for having all together produced and standardized DUAL_EC_DRBG.
> 
> Frankly, I think we should prepare the code, but wait out the storm as
> to which algorithms to chose.

But can the server dictate any other curves than what the browsers
support ? As far as I understand NIST P-256 and P-384 are the only
curves widely supported by browsers..

	http://security.stackexchange.com/questions/31772/what-elliptic-curves-are-supported-by-browsers
	http://security.stackexchange.com/questions/42088/can-custom-elliptic-curves-be-used-in-common-tls-implementations
	http://www.carbonwind.net/blog/post/A-quick-look-over-some-browsers-and-their-SSLTLS-implementations.aspx

plus I suspect curve25519 might soon be available in chrome, and others
might follow:

	http://www.ietf.org/mail-archive/web/tls/current/msg05852.html
	(interesting thread, and it casts some doubt to if the NIST curves can be backdoored..)


  -jf