ECC cipher suites

Simon Josefsson simon at josefsson.org
Wed Aug 26 00:24:43 CEST 2009


Daiki Ueno <ueno at unixuser.org> writes:

> Hello,
>
> I looked at the feature comparison table of TLS libraries and noticed
> that GnuTLS still lacks ECC support:
> http://www.gnu.org/software/gnutls/comparison.html
>
> Is anyone working on this?  Otherwise, I would like to give it a try[1].

Nobody is working on it, but there are patent issues with ECC that has
to be resolved.  To avoid wasting time, we may want to approach the FSF
and the SFLC first to get a better understanding of what's involved here
(I've been deferring this since nobody has expressed interest in ECC).

> [1] I recently got my paperwork done for both GnuTLS/libgcrypt, and I am
> seeking for next interesting project.

Finishing the TLS 1.2 support and adding the new cipher suites is a
high-priority task and it shouldn't be too difficult since there are TLS
1.2 test servers out there to test with.

/Simon





More information about the Gnutls-devel mailing list