From 20de5509db973b23d96bf7841e6e71b6c56fcc5d Mon Sep 17 00:00:00 2001 From: Kevin Burke Date: Mon, 10 Apr 2017 10:22:26 -0700 Subject: [PATCH] crypto/tls: recommend P256 elliptic curve Users (like myself) may be tempted to think the higher-numbered curve is somehow better or more secure, but P256 is currently the best ECDSA implementation, due to its better support in TLS clients, and a constant time implementation. For example, sites that present a certificate signed with P521 currently fail to load in Chrome stable, and the error on the Go side says simply "remote error: tls: illegal parameter". Fixes #19901. Change-Id: Ia5e689e7027ec423624627420e33029c56f0bd82 Reviewed-on: https://go-review.googlesource.com/40211 Reviewed-by: Brad Fitzpatrick --- generate_cert.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/generate_cert.go b/generate_cert.go index 83f9916..8ee2b59 100644 --- a/generate_cert.go +++ b/generate_cert.go @@ -33,7 +33,7 @@ var ( validFor = flag.Duration("duration", 365*24*time.Hour, "Duration that certificate is valid for") isCA = flag.Bool("ca", false, "whether this cert should be its own Certificate Authority") rsaBits = flag.Int("rsa-bits", 2048, "Size of RSA key to generate. Ignored if --ecdsa-curve is set") - ecdsaCurve = flag.String("ecdsa-curve", "", "ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521") + ecdsaCurve = flag.String("ecdsa-curve", "", "ECDSA curve to use to generate a key. Valid values are P224, P256 (recommended), P384, P521") ) func publicKey(priv interface{}) interface{} {