sibiantony / ssleuth

A firefox add-on to rate the quality of HTTPS connections
GNU General Public License v3.0

Display elliptic curves #45

Open rugk opened 8 years ago

rugk commented 8 years ago

It would be nice if the used elliptic curves could be displayed.

More information:

sibiantony commented 8 years ago

Yes. It is nice to have this displayed. So far I have only seen secp256r1 and secp384r1 (very rarely). The curve used is quite obvious going by the key size (displayed under the Certificate section). Not sure if adding the curve name would be much of a value add.

Still, would love to do that. (I'm thinking of a new line for the certificate key alone - or else the panel width won't be sufficient).

rugk commented 8 years ago

So far I have only seen secp256r1 and secp384r1 (very rarely).

Yes, these are the most common ones out of the NSA's Suite B.

The curve used is quite obvious going by the key size (displayed under the Certificate section).

The key size of the certificate and the curve are different things. But here you certainly mean elliptic curve certificates (aka ECDSA or ECDH). But there is still also ECDHE...

Not sure if adding the curve name would be much of a value add.

Well... maybe currently there are not many curves, but there are many candidates, and in the future this may be more important as some curves are already distrusted by some cryptologists.

I'm thinking of a new line for the certificate key alone

Yeah, maybe. Just keep in mind that they are also used for ECDHE... More about the differences here: https://security.stackexchange.com/questions/50878/ecdsa-vs-ecdh-vs-ed25519-vs-curve25519 More about the support of these curves in the different "parts" of an SSL connection here: https://security.stackexchange.com/questions/104993/does-elliptical-curves-in-ecdhe-and-ecdsa-are-the-same

rugk commented 8 years ago

Additionally, of course, in the UI you should not display "secp256r1 and secp384r1", but the more common names like P-256 and P-384.

rugk commented 8 years ago

The curve details from an ECC certificate (Public key algorithm parameters) are available. You can find them in Certificate -> Subject Public Key Algorithm -> Public key parameters. This can be displayed.

However, for a key exchange the curve used is always negotiated during the SSL handshake. (Client Hello -> ServerKeyExchange). So, no, the key exchange curve cannot be displayed.

from @sibiantony in https://github.com/sibiantony/ssleuth/issues/48
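As an added example (not code from ssleuth or its author), this is how an add-on could read the named curve out of a certificate's Subject Public Key Info, i.e. the "Public key parameters" quoted above, and map secp256r1/secp384r1 to the P-256/P-384 names suggested earlier in the thread. The two SPKI byte strings are constructed for this example with placeholder key material; the ECDHE group, as the quote says, is negotiated in the handshake and is not in the certificate at all.

```javascript
// Added example, not ssleuth's own code: read the named curve out of a certificate's
// SubjectPublicKeyInfo (Certificate -> Subject Public Key Algorithm -> Public key parameters).
// Minimal DER reader: tag and content bounds of the TLV starting at `offset`.
function readTlv(bytes, offset) {
  let len = bytes[offset + 1], pos = offset + 2;
  if (len & 0x80) {                            // long form: next n bytes carry the length
    const n = len & 0x7f; len = 0;
    for (let i = 0; i < n; i++) len = (len << 8) | bytes[pos++];
  }
  return { tag: bytes[offset], start: pos, end: pos + len };
}
// Decode OBJECT IDENTIFIER content octets into dotted form (base-128 arcs, first byte = 40*a+b).
function decodeOid(bytes, start, end) {
  const arcs = [Math.floor(bytes[start] / 40), bytes[start] % 40];
  let value = 0;
  for (let i = start + 1; i < end; i++) {
    value = value * 128 + (bytes[i] & 0x7f);
    if ((bytes[i] & 0x80) === 0) { arcs.push(value); value = 0; }
  }
  return arcs.join(".");
}
const EC_PUBLIC_KEY_OID = "1.2.840.10045.2.1";
const CURVE_NAMES = {                          // SEC name, NIST name for the UI, key bits
  "1.2.840.10045.3.1.7": { sec: "secp256r1", nist: "P-256", bits: 256 },
  "1.3.132.0.34":        { sec: "secp384r1", nist: "P-384", bits: 384 },
};
// SPKI ::= SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BIT STRING }.
// Returns curve info for an EC key with a namedCurve parameter, null for anything else.
function certificateCurve(spki) {
  const outer = readTlv(spki, 0), algId = readTlv(spki, outer.start);
  if (outer.tag !== 0x30 || algId.tag !== 0x30) throw new Error("malformed SPKI");
  const algOid = readTlv(spki, algId.start);
  if (algOid.tag !== 0x06 || decodeOid(spki, algOid.start, algOid.end) !== EC_PUBLIC_KEY_OID) {
    return null;                               // RSA, Ed25519, ...: no curve parameter to show
  }
  const params = readTlv(spki, algOid.end);
  if (params.tag !== 0x06) return null;        // explicit/implicit parameters, not a named curve
  const oid = decodeOid(spki, params.start, params.end);
  return CURVE_NAMES[oid] || { sec: oid, nist: oid, bits: null };  // unknown curve: show its OID
}
// Constructed sample SPKIs with placeholder key material (never validated here).
const SAMPLE_P256_SPKI = Uint8Array.from([0x30, 0x59, 0x30, 0x13,
  0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,              // ecPublicKey
  0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,        // prime256v1 = secp256r1
  0x03, 0x42, 0x00, 0x04, ...new Array(64).fill(0x11)]);             // uncompressed point
const SAMPLE_RSA_SPKI = Uint8Array.from([0x30, 0x13, 0x30, 0x0d,
  0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,  // rsaEncryption
  0x05, 0x00, 0x03, 0x02, 0x00, 0xff]);                              // NULL params, stub key
```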

rugk commented 8 years ago

IMO displaying the curve used in the key exchange would be much more useful - just because it is used much more. However, if this is not possible we cannot do much.

But at least: Would you mind creating an issue on Bugzilla about this? So that it - hopefully - will be possible in the future to read this information.

rugk commented 6 years ago

Good news: The issue for the RFC by EFF has been closed.

sibiantony commented 6 years ago

Yes, it's only the RFC commit which says

There is no way of extracting this from the key exchange method defined in the cipherSuite (and this is decoupled from the cipher suite in TLS 1.3). For ECDH(E) methods this should be a string containing the name of the group curve used.

Finally, this has to be implemented in Firefox by someone. The keyExchangeGroup string is also made optional in the RFC. So there is no guarantee that it will be present.

rugk commented 6 years ago

Sure… https://bugzilla.mozilla.org/show_bug.cgi?id=1322748#c43 https://github.com/EFForg/webrequest-tlsinfo-api/pull/18#issuecomment-323991073