From 15798859fcf1906b61902dd13f8667791b1ffc24 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Sun, 18 Jun 2017 14:35:57 +0200 Subject: NORMAL priority: no longer enable the smaller curves by default They are not widely enabled by web servers, and they provide no advantage over X25519. Signed-off-by: Nikos Mavrogiannopoulos --- lib/priority.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/lib/priority.c b/lib/priority.c index 6a7d32de50..3d99e69b22 100644 --- a/lib/priority.c +++ b/lib/priority.c @@ -109,10 +109,6 @@ static const int _supported_ecc_normal[] = { GNUTLS_ECC_CURVE_SECP384R1, GNUTLS_ECC_CURVE_SECP521R1, GNUTLS_ECC_CURVE_X25519, /* draft-ietf-tls-rfc4492bis */ -#ifdef ENABLE_NON_SUITEB_CURVES - GNUTLS_ECC_CURVE_SECP224R1, - GNUTLS_ECC_CURVE_SECP192R1, -#endif 0 }; static const int* supported_ecc_normal = _supported_ecc_normal; -- cgit v1.2.1