EAP-TLS and elliptic curves (OPEN)
Weisteen Per
per.weisteen at telenor.no
Tue Apr 13 10:39:18 CEST 2021
Hi
I've got some supplicants that only supports secp256r1/prime256v1 as elliptic curve while others support additional curves like x25519, secp384r1 etc.
Currently I've set ecdh_curve To prime256v1 which then applies to all supplicants.
If I set ecdh_curve parameter empty will the server key exchange adjust curve info dynamically according to what the supplicant has announced in TLS client hello using the "best" curve available ?
./PerW
Sensitivity: Internal
More information about the Freeradius-Users
mailing list