Okay, FF does ECDHE not DHE/EDH. The whole industry does that, and most are using X25519 which was developed by Dan Bernstein.
The Guardian article you referenced didn’t even have the word curve in it. My question – do you have a reference that shows Schneier says not to use elliptic curve – was not answered. * The NSA actually provided the elliptic curves for NIST's standards. And the Snowden docs now show that those curves are related. No they do not show that the curves are related. And BTW, NIST just put 25519 and 448 into their recommended list. * PS - does OpenSSL get funding from the DoD? Not that we know of, not at the present time. Various branches did help fund FIPS work in the past.
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
