mirror of
https://github.com/minio/minio.git
synced 2024-12-25 22:55:54 -05:00
21a3c0f482
This change disables the non-constant-time implementations of P-384 and P-521. As a consequence a client using just these curves cannot connect to the server. This should be no real issues because (all) clients at least support P-256. Further this change also rejects ECDSA private keys of P-384 and P-521. While non-constant-time implementations for the ECDHE exchange don't expose an obvious vulnerability, using P-384 or P-521 keys for the ECDSA signature may allow pratical timing attacks. Fixes #5844 |
||
---|---|---|
.. | ||
bucket | ||
chroot | ||
config | ||
deployment/kernel-tuning | ||
disk-caching | ||
distributed | ||
docker | ||
erasure | ||
gateway | ||
healthcheck | ||
large-bucket | ||
metric | ||
multi-tenancy | ||
orchestration | ||
screenshots | ||
shared-backend | ||
tls | ||
zh_CN | ||
minio-limits.md |