golang / go

The Go programming language
https://go.dev
BSD 3-Clause "New" or "Revised" License

proposal: crypto/tls: add ConnectionState.CurveID #67516

Open FiloSottile opened 2 months ago

FiloSottile commented 2 months ago

Proposal Details

With #67061, the selected "CurveID" is the difference between a post-quantum connection and not. We should expose it in ConnectionState. I actually assumed we were already exposing this.

It's unfortunate to use the CurveID misnomer, but ConnectionState doesn't feel like the place to start introducing a new name; it will only cause confusion.

/cc @golang/security

FiloSottile commented 2 months ago

If a deprecated RSA KEX is used, CurveID will be zero.