secp521r1 removed from 1.4.6

Maxim Dounin mdounin at
Fri Mar 14 09:02:37 UTC 2014


On Thu, Mar 13, 2014 at 03:04:11PM -0400, nginxu14 wrote:

> Sorry for wasting your time you are correct secp512r1 isnt there when I run
> the command.
> Im guessing that secp256r1 isnt in the list because its just the default
> one. Just using the default settings and not setting a curve uses secp256r1
> and secp384r1 works by setting it in ssl_ecdh_curve.

Secp256r1 and prime256v1 are just different names of the same 
curve.  (And yes, it's used by default.)

> I like CentOS its the only OS I use for servers but this kind of thing
> annoys me about CentOS because its waiting for Red Hat to enable secp521r1.
> I dont have the need for it but it would be nice to have the option.

256 bit ECC is believed to be equivalent to 3096 bit RSA, and 521 
bit ECC - to 16384 bit RSA.  So in case of https, unless you are 
using 16384 bit RSA certificates, use of secp521r1 is mostly 
pointless and just wastes CPU cycles.

> Looking at this: it
> is coming but not sure when.

Note well that this link correctly points out that secp521r1 isn't 
supported by IE (yet?), so it's use isn't a good idea from 
compatibility point of view, too.

Maxim Dounin

More information about the nginx mailing list