Alternative TLS implementation in Go
20de5509db
Users (like myself) may be tempted to think the higher-numbered curve is somehow better or more secure, but P256 is currently the best ECDSA implementation, due to its better support in TLS clients, and a constant time implementation. For example, sites that present a certificate signed with P521 currently fail to load in Chrome stable, and the error on the Go side says simply "remote error: tls: illegal parameter". Fixes #19901. Change-Id: Ia5e689e7027ec423624627420e33029c56f0bd82 Reviewed-on: https://go-review.googlesource.com/40211 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> |
||
|---|---|---|
| testdata | ||
| alert.go | ||
| cipher_suites.go | ||
| common.go | ||
| conn_test.go | ||
| conn.go | ||
| example_test.go | ||
| generate_cert.go | ||
| handshake_client_test.go | ||
| handshake_client.go | ||
| handshake_messages_test.go | ||
| handshake_messages.go | ||
| handshake_server_test.go | ||
| handshake_server.go | ||
| handshake_test.go | ||
| key_agreement.go | ||
| prf_test.go | ||
| prf.go | ||
| ticket.go | ||
| tls_test.go | ||
| tls.go | ||