Alice Wonder wrote: > On 10/19/2016 11:34 AM, Leonard den Ottolander wrote: >> Hello Gordon, >> > *snip* >> >> Personally I would be more concerned whether or not to enable ECDSA >> algorithms (https://blog.cr.yp.to/20140323-ecdsa.html). >> > For web server ECDSA certs is currently a concern because the only > curves with popular support across browsers have parameters that were > chosen for undocumented reasons. > > That doesn't mean they are vulnerable but there is a question. > > OpenSSH uses Curve25519 for ECDSA which has documented reasons for the > parameters chosen and thus are far less likely to be nefariously chosen. > > At least that's my understanding of the situation, which could be flawed. Oh, are those the ones with the NSA backdoor curve? mark