doc: add tls.DEFAULT_ECDH_CURVE by sam-github · Pull Request #10264 · nodejs/node

sam-github · 2016-12-14T15:22:38Z

Checklist

documentation is changed or added
commit message follows commit guidelines

Affected core subsystem(s)

doc

Description of change

A user can change the default curve for ECDH key agreement by
using tls.DEFAULT_ECDH_CURVE.

From #1495 (comment), forward-port 02a51cf to master.

/to @shigeki

italoacasas · 2016-12-16T02:34:52Z

doc/api/tls.md

nit: extra space

bnoordhuis

LGTM if you drop the extra blank line.

shigeki · 2016-12-16T15:24:53Z

doc/api/tls.md

This is only effective on the key agreement on a tls server. I think that for ECDH key agreement in a tls server. is better.

shigeki · 2016-12-16T15:33:00Z

doc/api/tls.md

RFC4492 seems to be old but the current RFC4492bis is under LastCall and not finished yet. The reference of prime256v1/NIST P-256 in RF4492 is outdated so I think it is better also to add the latest FIPS reference of FIPS.186-4 for NIST P-256. The reference link is also missed.

--- a/doc/api/tls.md +++ b/doc/api/tls.md @@ -1078,9 +1078,9 @@ console.log(tls.getCiphers()); // ['AES128-SHA', 'AES256-SHA', ...] ## tls.DEFAULT_ECDH_CURVE -The default curve name to use for ECDH key agreement. The default value is -`'prime256v1'` (NIST P-256). Consult [RFC 4492] for more details. - +The default curve name to use for ECDH key agreement in a tls +server. The default value is `'prime256v1'` (NIST P-256). Consult [RFC +4492] and [FIPS.186-4] for more details. ## Deprecated APIs @@ -1219,3 +1219,5 @@ where `secure_socket` has the same API as `pair.cleartext`. [`tls.TLSSocket.getPeerCertificate()`]: #tls_tlssocket_getpeercertificate_detailed [`tls.createSecureContext()`]: #tls_tls_createsecurecontext_options [`tls.connect()`]: #tls_tls_connect_options_callback +[RFC 4492]: https://www.rfc-editor.org/rfc/rfc4492.txt +[FIPS.186-4]: http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf

A user can change the default curve for ECDH key agreement by using tls.DEFAULT_ECDH_CURVE.

sam-github · 2016-12-21T17:56:27Z

@shigeki PTAL, I used your text verbatim, thanks.

shigeki

LGTM.
@sam-github Please rebase the commits in your name not mine.

A user can change the default curve for ECDH key agreement by using tls.DEFAULT_ECDH_CURVE. PR-URL: #10264 Reviewed-By: Roman Reiss <me@silverwind.io> Reviewed-By: Italo A. Casas <me@italoacasas.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>

jasnell · 2016-12-27T21:59:10Z

Landed in 97ab4b2

sam-github · 2016-12-29T19:53:49Z

Thanks @jasnell and thanks for rewriting author.

A user can change the default curve for ECDH key agreement by using tls.DEFAULT_ECDH_CURVE. PR-URL: #10264 Reviewed-By: Roman Reiss <me@silverwind.io> Reviewed-By: Italo A. Casas <me@italoacasas.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>

MylesBorins · 2017-01-23T00:53:49Z

@sam-github does this apply to the v4 and v6 implementation? If so feel free to backport

A user can change the default curve for ECDH key agreement by using tls.DEFAULT_ECDH_CURVE. PR-URL: nodejs#10264 Reviewed-By: Roman Reiss <me@silverwind.io> Reviewed-By: Italo A. Casas <me@italoacasas.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>

sam-github · 2017-01-24T22:19:48Z

It does apply, and I just PRed #10984, but I have doubts.

The only reason it didn't land is it builds on #9800, which is marked
as don't land :-(. The docs apply, I'll try to figure out tomorrow why they were marked like that.

sam-github · 2017-01-25T18:59:08Z

@MylesBorins this lands clean on v6.x, but isn't in v6.x-staging yet, is there some problem with it?

sam-github · 2017-01-27T21:41:45Z

Its too much energy to backport docs to 4.x. Lands clean on 6.x.

A user can change the default curve for ECDH key agreement by using tls.DEFAULT_ECDH_CURVE. PR-URL: #10264 Reviewed-By: Roman Reiss <me@silverwind.io> Reviewed-By: Italo A. Casas <me@italoacasas.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>

nodejs-github-bot added doc Issues and PRs related to the documentations. tls Issues and PRs related to the tls subsystem. dont-land-on-v7.x labels Dec 14, 2016

sam-github removed the dont-land-on-v7.x label Dec 14, 2016

silverwind approved these changes Dec 15, 2016

View reviewed changes

italoacasas reviewed Dec 16, 2016

View reviewed changes

doc/api/tls.md Outdated

Copy link

italoacasas Dec 16, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: extra space

italoacasas approved these changes Dec 16, 2016

View reviewed changes

bnoordhuis approved these changes Dec 16, 2016

View reviewed changes

shigeki suggested changes Dec 16, 2016

View reviewed changes

Shigeki Ohtsu and others added 2 commits December 21, 2016 09:55

doc: add tls.DEFAULT_ECDH_CURVE

8517058

A user can change the default curve for ECDH key agreement by using tls.DEFAULT_ECDH_CURVE.

fixup! doc: add tls.DEFAULT_ECDH_CURVE

3b6f83a

sam-github force-pushed the doc-default-ecdh-curve branch from 12e36b1 to 3b6f83a Compare December 21, 2016 17:55

jasnell approved these changes Dec 23, 2016

View reviewed changes

shigeki approved these changes Dec 26, 2016

View reviewed changes

jasnell closed this Dec 27, 2016

sam-github deleted the doc-default-ecdh-curve branch December 29, 2016 19:53

evanlucas mentioned this pull request Jan 3, 2017

v7.4.0 release proposal #10589

Merged

MylesBorins added lts-watch-v4.x labels Jan 23, 2017

sam-github mentioned this pull request Jan 24, 2017

v4 backport: doc: add tls.DEFAULT_ECDH_CURVE #10984

Closed

4 tasks

MylesBorins added dont-land-on-v4.x and removed lts-watch-v4.x labels Mar 7, 2017

MylesBorins mentioned this pull request Mar 9, 2017

v6.10.1 proposal #11759

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

doc: add tls.DEFAULT_ECDH_CURVE#10264

doc: add tls.DEFAULT_ECDH_CURVE#10264
sam-github wants to merge 2 commits intonodejs:masterfrom
sam-github:doc-default-ecdh-curve

sam-github commented Dec 14, 2016

Uh oh!

italoacasas Dec 16, 2016

Uh oh!

bnoordhuis left a comment

Uh oh!

shigeki Dec 16, 2016

Uh oh!

shigeki Dec 16, 2016

Uh oh!

sam-github commented Dec 21, 2016

Uh oh!

shigeki left a comment

Uh oh!

jasnell commented Dec 27, 2016

Uh oh!

sam-github commented Dec 29, 2016

Uh oh!

MylesBorins commented Jan 23, 2017

Uh oh!

sam-github commented Jan 24, 2017

Uh oh!

sam-github commented Jan 25, 2017

Uh oh!

sam-github commented Jan 27, 2017

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

8 participants

Uh oh!

Conversation

sam-github commented Dec 14, 2016

Checklist

Affected core subsystem(s)

Description of change

Uh oh!

italoacasas Dec 16, 2016

Choose a reason for hiding this comment

Uh oh!

bnoordhuis left a comment

Choose a reason for hiding this comment

Uh oh!

shigeki Dec 16, 2016

Choose a reason for hiding this comment

Uh oh!

shigeki Dec 16, 2016

Choose a reason for hiding this comment

Uh oh!

sam-github commented Dec 21, 2016

Uh oh!

shigeki left a comment

Choose a reason for hiding this comment

Uh oh!

jasnell commented Dec 27, 2016

Uh oh!

sam-github commented Dec 29, 2016

Uh oh!

MylesBorins commented Jan 23, 2017

Uh oh!

sam-github commented Jan 24, 2017

Uh oh!

sam-github commented Jan 25, 2017

Uh oh!

sam-github commented Jan 27, 2017

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

8 participants