Skip to content

Use ECDSA P-256 instead of 4096-bit RSA for 'tls ephemeral'

Arаm Sаrgsyаn requested to merge 2264-tls-ephemeral-rsa-to-ecc into main

ECDSA P-256 performs considerably better than the previously used 4096-bit RSA (can be observed using openssl speed), and, according to RFC 6605, provides a security level comparable to 3072-bit RSA.

Closes #2264 (closed)

Merge request reports