Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Change defaults to more secure #96

Open
tomato42 opened this issue Sep 5, 2018 · 1 comment
Open

Change defaults to more secure #96

tomato42 opened this issue Sep 5, 2018 · 1 comment
Labels
feature functionality to be implemented
Milestone
v1.0.0

Comments

@tomato42
Copy link
Member

tomato42 commented Sep 5, 2018

The default curve is prime192v1 - weak, and deprecated/unusable in TLS 1.3
The default hash is sha1 - similarly, weak and deprecated/unusable in TLS 1.3

The library should default to P-256 (as the weakest/fastest curve generally considered safe) and SHA-256 (hash typically paired with it).
@tomato42 tomato42 added the feature functionality to be implemented label Sep 5, 2018
@tomato42 tomato42 added this to the v0.15 milestone Sep 5, 2018
@tomato42 tomato42 modified the milestones: v0.15, someday/future Oct 28, 2019
@tomato42 tomato42 modified the milestones: someday/future, v1.0 Nov 29, 2019
@tomato42
Copy link
Member Author

Since this would break API compatibility, postpone it till first release that will do that: 1.0

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
feature functionality to be implemented
Projects
None yet
Milestone
v1.0.0
Development

No branches or pull requests
1 participant
@tomato42