Kevin Pattison

Technical benefits of elliptic curve signature algorithms

Discussion created by Kevin Pattison on Sep 14, 2016
Latest reply on Sep 14, 2016 by Bhushan Lokhande

I notice that SSL Labs seems to report all signature algorithms as SHA256withRSA, even when Chrome shows it as ECDHE_ECDSA (for example on blog.cloudflare.com).

 

Is it possible to detect the available/supported signature algorithms using SSL Labs? Is it possible using OpenSSL?

 

On that note, I've read a lot of conflicting information about the benefits of these algorithms, some saying they have the same level of security but are faster, others saying they are actually slower, and there seems to be a lot of confusion between the signature algorithms and the elliptic curve ciphers. Is there anywhere you guys can point me to cut through the misinformation about this also?

Outcomes