Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

doc: add tls.DEFAULT_ECDH_CURVE #10264

Closed
wants to merge 2 commits into from

Conversation

Projects
None yet
8 participants
@sam-github
Copy link
Member

commented Dec 14, 2016

Checklist
  • documentation is changed or added
  • commit message follows commit guidelines
Affected core subsystem(s)

doc

Description of change

A user can change the default curve for ECDH key agreement by
using tls.DEFAULT_ECDH_CURVE.

From #1495 (comment), forward-port 02a51cf to master.

/to @shigeki

doc/api/tls.md Outdated
The default curve name to use for ECDH key agreement. The default value is
`'prime256v1'` (NIST P-256). Consult [RFC 4492] for more details.


This comment has been minimized.

Copy link
@italoacasas

italoacasas Dec 16, 2016

Member

nit: extra space

@bnoordhuis
Copy link
Member

left a comment

LGTM if you drop the extra blank line.

doc/api/tls.md Outdated
@@ -1076,6 +1076,12 @@ For example:
console.log(tls.getCiphers()); // ['AES128-SHA', 'AES256-SHA', ...]
```

## tls.DEFAULT_ECDH_CURVE

The default curve name to use for ECDH key agreement. The default value is

This comment has been minimized.

Copy link
@shigeki

shigeki Dec 16, 2016

Contributor

This is only effective on the key agreement on a tls server. I think that for ECDH key agreement in a tls server. is better.

doc/api/tls.md Outdated
## tls.DEFAULT_ECDH_CURVE

The default curve name to use for ECDH key agreement. The default value is
`'prime256v1'` (NIST P-256). Consult [RFC 4492] for more details.

This comment has been minimized.

Copy link
@shigeki

shigeki Dec 16, 2016

Contributor

RFC4492 seems to be old but the current RFC4492bis is under LastCall and not finished yet. The reference of prime256v1/NIST P-256 in RF4492 is outdated so I think it is better also to add the latest FIPS reference of FIPS.186-4 for NIST P-256. The reference link is also missed.

--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@@ -1078,9 +1078,9 @@ console.log(tls.getCiphers()); // ['AES128-SHA', 'AES256-SHA', ...]

 ## tls.DEFAULT_ECDH_CURVE

-The default curve name to use for ECDH key agreement. The default value is
-`'prime256v1'` (NIST P-256). Consult [RFC 4492] for more details.
-
+The default curve name to use for ECDH key agreement in a tls
+server. The default value is `'prime256v1'` (NIST P-256). Consult [RFC
+4492] and [FIPS.186-4] for more details.

 ## Deprecated APIs

@@ -1219,3 +1219,5 @@ where `secure_socket` has the same API as `pair.cleartext`.
 [`tls.TLSSocket.getPeerCertificate()`]: #tls_tlssocket_getpeercertificate_detailed
 [`tls.createSecureContext()`]: #tls_tls_createsecurecontext_options
 [`tls.connect()`]: #tls_tls_connect_options_callback
+[RFC 4492]: https://www.rfc-editor.org/rfc/rfc4492.txt
+[FIPS.186-4]: http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf

Shigeki Ohtsu and others added some commits Apr 23, 2015

doc: add tls.DEFAULT_ECDH_CURVE
A user can change the default curve for ECDH key agreement by
using tls.DEFAULT_ECDH_CURVE.

@sam-github sam-github force-pushed the sam-github:doc-default-ecdh-curve branch to 3b6f83a Dec 21, 2016

@sam-github

This comment has been minimized.

Copy link
Member Author

commented Dec 21, 2016

@shigeki PTAL, I used your text verbatim, thanks.

@shigeki
Copy link
Contributor

left a comment

LGTM.
@sam-github Please rebase the commits in your name not mine.

jasnell added a commit that referenced this pull request Dec 27, 2016

doc: add tls.DEFAULT_ECDH_CURVE
A user can change the default curve for ECDH key agreement by
using tls.DEFAULT_ECDH_CURVE.

PR-URL: #10264
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
@jasnell

This comment has been minimized.

Copy link
Member

commented Dec 27, 2016

Landed in 97ab4b2

@jasnell jasnell closed this Dec 27, 2016

@sam-github

This comment has been minimized.

Copy link
Member Author

commented Dec 29, 2016

Thanks @jasnell and thanks for rewriting author.

@sam-github sam-github deleted the sam-github:doc-default-ecdh-curve branch Dec 29, 2016

@evanlucas evanlucas referenced this pull request Jan 3, 2017

Merged

v7.4.0 release proposal #10589

evanlucas added a commit that referenced this pull request Jan 3, 2017

doc: add tls.DEFAULT_ECDH_CURVE
A user can change the default curve for ECDH key agreement by
using tls.DEFAULT_ECDH_CURVE.

PR-URL: #10264
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>

evanlucas added a commit that referenced this pull request Jan 4, 2017

doc: add tls.DEFAULT_ECDH_CURVE
A user can change the default curve for ECDH key agreement by
using tls.DEFAULT_ECDH_CURVE.

PR-URL: #10264
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
@MylesBorins

This comment has been minimized.

Copy link
Member

commented Jan 23, 2017

@sam-github does this apply to the v4 and v6 implementation? If so feel free to backport

sam-github added a commit to sam-github/node that referenced this pull request Jan 24, 2017

doc: add tls.DEFAULT_ECDH_CURVE
A user can change the default curve for ECDH key agreement by
using tls.DEFAULT_ECDH_CURVE.

PR-URL: nodejs#10264
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>

@sam-github sam-github referenced this pull request Jan 24, 2017

Closed

v4 backport: doc: add tls.DEFAULT_ECDH_CURVE #10984

0 of 4 tasks complete
@sam-github

This comment has been minimized.

Copy link
Member Author

commented Jan 24, 2017

It does apply, and I just PRed #10984, but I have doubts.

The only reason it didn't land is it builds on #9800, which is marked
as don't land :-(. The docs apply, I'll try to figure out tomorrow why they were marked like that.

@sam-github

This comment has been minimized.

Copy link
Member Author

commented Jan 25, 2017

@MylesBorins this lands clean on v6.x, but isn't in v6.x-staging yet, is there some problem with it?

@sam-github

This comment has been minimized.

Copy link
Member Author

commented Jan 27, 2017

Its too much energy to backport docs to 4.x. Lands clean on 6.x.

MylesBorins added a commit that referenced this pull request Mar 7, 2017

doc: add tls.DEFAULT_ECDH_CURVE
A user can change the default curve for ECDH key agreement by
using tls.DEFAULT_ECDH_CURVE.

PR-URL: #10264
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>

MylesBorins added a commit that referenced this pull request Mar 9, 2017

doc: add tls.DEFAULT_ECDH_CURVE
A user can change the default curve for ECDH key agreement by
using tls.DEFAULT_ECDH_CURVE.

PR-URL: #10264
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>

@MylesBorins MylesBorins referenced this pull request Mar 9, 2017

Merged

v6.10.1 proposal #11759

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.