crypto/tls: FIPS 140-3 modes reject ECDSA w/ curve P-521/SHA-512 in TLS [1.24 backport] #72823

gopherbot · 2025-03-12T15:48:22Z

@FiloSottile requested issue #71757 to be considered for backport to the next 1.24 minor release.

@gopherbot please open a backport change to Go 1.24 to revert the removal of P-521 in Go+BoringCrypto mode by cherry-picking CL 657095, as discussed above.

gopherbot · 2025-03-12T15:57:35Z

Change https://go.dev/cl/657135 mentions this issue: [release-branch.go1.24] crypto/tls: allow P-521 in FIPS 140-3 mode and Go+BoringCrypto

gopherbot added the CherryPickCandidate Used during the release process for point releases label Mar 12, 2025

gopherbot mentioned this issue Mar 12, 2025

crypto/tls: FIPS 140-3 modes reject ECDSA w/ curve P-521/SHA-512 in TLS #71757

Closed

gopherbot added this to the Go1.24.2 milestone Mar 12, 2025

dr2chase added the CherryPickApproved Used during the release process for point releases label Mar 12, 2025

gopherbot removed the CherryPickCandidate Used during the release process for point releases label Mar 12, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

crypto/tls: FIPS 140-3 modes reject ECDSA w/ curve P-521/SHA-512 in TLS [1.24 backport] #72823

crypto/tls: FIPS 140-3 modes reject ECDSA w/ curve P-521/SHA-512 in TLS [1.24 backport] #72823

gopherbot commented Mar 12, 2025 •

edited by gabyhelp

Loading

gopherbot commented Mar 12, 2025

crypto/tls: FIPS 140-3 modes reject ECDSA w/ curve P-521/SHA-512 in TLS [1.24 backport] #72823

crypto/tls: FIPS 140-3 modes reject ECDSA w/ curve P-521/SHA-512 in TLS [1.24 backport] #72823

Comments

gopherbot commented Mar 12, 2025 • edited by gabyhelp Loading

gopherbot commented Mar 12, 2025

gopherbot commented Mar 12, 2025 •

edited by gabyhelp

Loading