Hi,
On 05-11-16 02:29, jack seth wrote:
> How large of elliptic curve keys and EC DH parameters can 2.4 handle?
As large as the underlying crypto library version can. P-521 shouldn't
be a problem. General consensus (looking at e.g. IKE and TLS) seems to
be that 256/384 bits curves are good enough (e.g. curve25519, P-256 or
P-384).
(You might run in to issues if you are using other features that need to
comply, such as --pkcs11-* ('smart cards'), --management-external-key or
--cryptoapicert, but if it's just a key file you're trying to load that
shouldn't be a problem.)
-Steffan
------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
