Eero Volotinen wrote: > mark wrote: > I agree, but I just don't know how much in the way of manhours that would >> involved. >> >> However, if you do get it all built, and build packages out of them, >> there is an extras? contribs? repo, and I'd encourage you to submit it for >> that. > > RHEL nowdays supports already Elliptic Curve on openssl. Um, I guess you haven't read the news lately - the most used, POSIX-mandated elliptic curve is backdoored by the US NSA - when the standards committee was writing the standard, they pushed the backdoored version. <https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html> >From one of the linked-two essays: As was revealed today, the NSA also works with security product vendors to ensure that commercial encryption products are broken in secret ways that only it knows about. We know this has happened historically: CryptoAG and Lotus Notes are the most public examples, and there is evidence of a back door in Windows. A few people have told me some recent stories about their experiences, and I plan to write about them soon. Basically, the NSA asks companies to subtly change their products in undetectable ways: making the random number generator less random, leaking the key somehow, adding a common exponent to a public-key exchange protocol, and so on. If the back door is discovered, it's explained away as a mistake. And as we now know, the NSA has enjoyed enormous success from this program --- end excerpt --- <http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance> mark