Hi @agl why does BoringSSL nuke P521 since Jan 15 2015? Now @BRIAN_____ wants to kill it in NSS too. What's going on? 
@_miw Off by 1. Vista sends P-521, but Win 7 does not. See https://msdn.microsoft.com/en-us/library/windows/desktop/aa374757%28v=vs.85%29.aspx … and https://www.ssllabs.com/ssltest/viewClient.html?name=IE&version=11&platform=Win%207 … and https://www.ssllabs.com/ssltest/viewClient.html?name=IE&version=7&platform=Vista ….
-
-
@BRIAN_____ I don't think qualsys is correct. I tested this on several w7 boxes yesterday and they all had 3 curves in the CH from IE. Hmmmm -
@_miw@BRIAN_____ Looks like it was added in the recent SChannel security update -
@yuhong2@BRIAN_____@marshray really?? RCE patch shibboleths = bad. Need confirm CVE-2014-6321 patch adds P521 to ECext in CH on 7 and !8+
End of conversation
New conversation -
-
-
@BRIAN_____ I'm coming around to the idea to deprecate anyway. looks like it was dead long time ago :-( runtime toggle would be good.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.