AnsweredAssumed Answered

Test whether server accepts other curves for ECDHE?

Question asked by Michael Schierl on Jun 1, 2016
Latest reply on Jul 27, 2016 by Rob Moss

Today i learned (in most embarrassing way, because a customer told me) that in TLS it is possible that a client suggests curves in ClientHello which the server will consider (I always thought that client will suggest only ciphers, and then the server chooses and the client will have to use the DH or EC parameters the server chose) and that some server software will happily "upgrade" to p521 even if p256 is configured in the server, and some will not (and continue the handshake with p256).

 

Could you perhaps add a check to your SSL server checker to check (only when ECDHE ciphers are available) if the server accepts different curves from the client? Really cool if you would provide a list of all of them, but as a start it would also be helpful to know if any other curves than the one used by default can be used at all...

Outcomes