Re: Generating CSR based on an x25519 public key

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

  • How would we be able to achieve this? I have read somewhere on a 2016 mail in the archives that it is an "encrypt-only" algorithm  and that is not possible.

 

X25519 is a key-exchange-only algorithm.  Ed25519 is a signing algorithm.  Unlike classic RSA, the signing and the key exchange are two different operations (well, technically RSA doesn’t have key exchange).  Both are defined by IETF RFC’s.  OpenSSL doesn’t fully support Ed25519.

 

  • But I have found many sites on let's encrypt already using this.

 

Are you sure?  Please post a key.  Ed25519 is quite different from EdDSA or ECDSA or DSA, which typically use a P-256 curve.

 

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux