Bug 1080128
Summary: | Backport automatic selection of curves for ECDHE | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Hubert Kario <hkario> |
Component: | openssl | Assignee: | Tomas Mraz <tmraz> |
Status: | CLOSED ERRATA | QA Contact: | Hubert Kario <hkario> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | 7.0 | CC: | jkaluza, ksrot, tmraz |
Target Milestone: | rc | Keywords: | FutureFeature |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | openssl-1.0.1e-37.el7 | Doc Type: | Enhancement |
Doc Text: |
Feature:
Allow the TLS server to automatically select the ECC curve from among the curves supported by the TLS client.
Reason:
In the previous OpenSSL package the curve that TLS server supports could be chosen only by the server implementation and could not be automatically selected from a set which was too restrictive and clients which do not support that pre-selected curve could not use ECDH cipher suites.
Result:
The server can now automatically choose a curve from the list of curves supported by the client. However this needs to be appropriately enabled by API call in the concrete TLS server implementation.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2015-03-05 11:03:00 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1080127 | ||
Bug Blocks: | 1080125, 1153579 |
Description
Hubert Kario
2014-03-24 17:56:51 UTC
If this Feature should be included in the 7.1 Release Notes, could you please change the Doc Type from Enhancement to "Release Note"? Note that the Release Notes are intended to list the most prominent and customer-relevant new features rather than every single enhancement. Cheers, Jirka No release note needed. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-0478.html |