Remove secp256k1 from the default X.509 and TLS profiles
For TLS, secp256k1 is deprecated by RFC 8422 ยง5.1.1. For X.509,
secp256k1 is not deprecated, but it isn't used in practice, especially
in the context of TLS where there isn't much point in having an X.509
certificate which most peers do not support. So remove it from the
default profile. We can add it back later if there is demand.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 9c7016d..f991251 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -335,11 +335,11 @@
*
* This profile permits:
* - SHA2 hashes with at least 256 bits: SHA-256, SHA-384, SHA-512.
- * - Elliptic curves with 255 bits and above.
+ * - Elliptic curves with 255 bits and above except secp256k1.
* - RSA with 2048 bits and above.
*
* New minor versions of Mbed TLS may extend this profile, for example if
- * new curves are added to the library. New minor versions of Mbed TLS will
+ * new algorithms are added to the library. New minor versions of Mbed TLS will
* not reduce this profile unless serious security concerns require it.
*/
extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default;