EAP-TLS and elliptic curves (OPEN)
per.weisteen at telenor.no
Tue Apr 13 10:39:18 CEST 2021
I've got some supplicants that only supports secp256r1/prime256v1 as elliptic curve while others support additional curves like x25519, secp384r1 etc.
Currently I've set ecdh_curve To prime256v1 which then applies to all supplicants.
If I set ecdh_curve parameter empty will the server key exchange adjust curve info dynamically according to what the supplicant has announced in TLS client hello using the "best" curve available ?
More information about the Freeradius-Users