Re: ecdh support causes unnecessary roundtrips

Daniel Gustafsson <daniel@yesql.se>

From: Daniel Gustafsson <daniel@yesql.se>
To: Jacob Champion <jacob.champion@enterprisedb.com>
Cc: Andres Freund <andres@anarazel.de>, PostgreSQL Hackers <pgsql-hackers@postgresql.org>, Marko Kreen <markokr@gmail.com>, Adrian Klaver <adrian.klaver@gmail.com>, Peter Eisentraut <peter_e@gmx.net>, Heikki Linnakangas <hlinnaka@iki.fi>
Date: 2025-03-04T19:19:47Z
Lists: pgsql-hackers
> On 4 Mar 2025, at 20:13, Jacob Champion <jacob.champion@enterprisedb.com> wrote:
> 
> On Mon, Jul 29, 2024 at 3:26 PM Daniel Gustafsson <daniel@yesql.se> wrote:
>>> On 17 Jun 2024, at 19:56, Andres Freund <andres@anarazel.de> wrote:
>>> On 2024-06-17 19:51:45 +0200, Daniel Gustafsson wrote:
>> 
>>>> Changing the default of the ecdh GUC would perhaps be doable?
>>> 
>>> I was wondering whether we could change the default so that it accepts both
>>> x25519 and secp256r1. Unfortunately that seems to requires changing what we
>>> use to set the parameter...
>> 
>> Right.  The patch in https://commitfest.postgresql.org/48/5025/ does allow for
>> accepting both but that's a different discussion.
> 
> Just a reminder that, if we do want to change this for 18 onward, the
> window is closing. Adding x25519 to the default groups seems like a
> good idea to me, whether we can get something backpatched or not.

Thanks for the reminder, this is sitting on my must-have TODO for 18 and I
agree that we should add x25519 to the default set.

--
Daniel Gustafsson




Commits

  1. doc: Add note to ssl_group config on X25519 and FIPS

  2. Avoid using the X25519 curve in ssl tests

  3. Add X25519 to the default set of curves

  4. SSL: Support ECDH key exchange