-2

I know it had been asked before here, but that was back in 2009.

Now that it is widely supported by browsers (Requires TLS 1.1, only added in Chrome 22+, FF 23 released Aug 8 2013, IE9+),
AND can be used with Nginx using OpenSSL 1.0.1e (Released Feb. 13 2013),
AND that all TLS except ECC is now breakable in under 30 seconds,
There is a better case for it.

Still, I am unable to find if any of the major CAs issue ECC.

Community
  • 1
Nadav
  • 133
  • 8
  • 2
    EC crypto will not protect your from either CRIME or BREACH. You may want to read up on how those attacks work, and then consider disabling compression for your service. As it is, this is off-topic because it's about where to find a product, but such certificates wouldn't be helpful even if RSA was worthless, unless the CA's entire trust root also used ECDSA. – Falcon Momot Sep 04 '13 at 09:53

1 Answers1

1

AND that all TLS except ECC is now breakable in under 30 seconds

Not true at all - the premise of BREACH (and CRIME for that matter) is that content is served using HTTP Compression.

Follow this simple step-by-step guide:

  • STEP 1: Disable HTTP Compression on HTTPS endpoints

Congratulations! - you've mitigated the vulnerability in 30 seconds

Mathias R. Jessen
  • 25,161
  • 4
  • 63
  • 95