Supported groups

The TLSv1.3 and TLSv1.2 protocols share an extension in the handshake messages that each protocol label and interpret differently. The TLSv1.3 protocol refers to it as "supported_groups" and uses it to determine the elliptic curve group that is used for key exchange. The TLSv1.2 protocol refers to it as "elliptic_curves" and uses it to determine the elliptic curve group that is used for key exchange and also uses it to determine supported certificates.

System SSL/TLS system level settings and GSKit attributes are tailored for TLSv1.3 though also used for TLSv1.2 when appropriate.

System SSL/TLS supports Elliptic Curve Digital Signature Algorithm (ECDSA) based certificates. The key size for an ECDSA certificate is determined by the named curve set when the certificate is created.

System SSL/TLS and the Digital Certificate Manager (DCM) have the infrastructure to support the following named curves:

x25519
x448
Secp521r1
Secp384r1
Secp256r1
Secp224r1
Secp192r1

When you view a certificate in DCM, the key size that is associated with the named curve used to create the certificate is displayed in bits.

Enabled named elliptic curve groups

The System Service Tools (SST) Advanced Analysis command SSLCONFIG identifies the system level setting to restrict the supported named elliptic curve groups.

Start of change When used for TLSv1.3 protocol negotiation, it restricts which named elliptic curve groups are allowed for key exchange. It has no impact on certificate selection or support. End of change

Start of change When used for TLSv1.2 protocol negotiation, it is used for two different purposes. Like TLSv1.3, it restricts which named elliptic curve groups are allowed for key exchange. The second purpose is to restrict the ECDSA key sizes that are allowed for a certificate. The restriction applies to local and peer certificates and includes both client and server certificates. Restricting the supported list of named elliptic curves results in a handshake failure when the server or client certificate contain an ECDSA key size not in the supported list. End of change

To determine the current value of the enabled named elliptic curve group list, use SSLCONFIG option –display or the Retrieve TLS Attributes (QsoRtvTLSA) API. If the enabled named elliptic curve group list on the system must be changed, use SSLCONFIG option supportedNamedCurve to change the value. SSLCONFIG option -h displays the help text that describes how to set the named elliptic curve group values. Only named curve values that are listed in the help text can be added to the list.

Note: The SSLCONFIG supportedNamedCurve setting is reset by installing the Licensed Internal Code (LIC).

Example of setting 256 and 384-bit key sizes as the supported named elliptic curve group list on the system:

SSLCONFIG -supportedNamedCurve:23,24

System SSL/TLS with TCP/IP PTF group level 5 installed has the following list of supported named elliptic curve groups:

x25519
x448
Secp521r1
Secp384r1
Secp256r1
Secp224r1
Secp192r1

Default named elliptic curve groups

When an application does not specify a named elliptic curve group list, the System SSL/TLS default named elliptic curve group list is used. Applications use this design to pick up new TLS support without requiring application code changes. The default named elliptic curve group list has no meaning for applications that explicitly specify the named elliptic curve group list for the application.

The default named elliptic curve group list on a system is the intersection of the enabled named elliptic curve group list and the eligible default named elliptic curve group list. The eligible default named elliptic curve group list is configured by using SSLCONFIG option defaultNamedCurve.

To determine the current value of the default named elliptic curve group list on the system, use SSLCONFIG option –display or the Retrieve TLS Attributes (QsoRtvTLSA) API.

Consider changing the default named elliptic curve groups settings only when no other configuration setting allows an application to interoperate with peers successfully. It is preferred to enable a weaker named elliptic curve group for only the specific application that requires it. When the application has an “application definition,” then this enablement is accomplished through the Digital Certificate Manager (DCM).

If the default named elliptic curve group list must be changed on the system, use SSLCONFIG option defaultNamedCurve to change the value. SSLCONFIG option -h displays the help panel that describes how to set the named elliptic curve group list. Only named elliptic curve groups that are listed in the help text can be added to the list.

Note: The SSLCONFIG defaultNamedCurve setting is reset by installing the Licensed Internal Code (LIC).

Example of setting 256 and 384-bit key sizes as the default named elliptic curve group list on the system:

SSLCONFIG -namedCurve:23,24

The following displays the order of the shipped default named elliptic curve groups when TCP/IP PTF group level 5 is installed: Start of change

Secp256r1
Secp384r1
x25519
Secp521r1
x448