4 comments

[ 4.3 ms ] story [ 23.4 ms ] thread
This is from 2004.

The problem with ECC is (has been, rather) that it's covered by patents, and OpenSSL didn't have ECC APIs until very recently. I believe the implementation in the latest versions of OpenSSL are based on the work of the same authors. Unfortunately, with so much deployed code using RSA-based handshakes, it seems tough for ECC to gain traction all that soon.

If your SSL handshaking is a performance-limiting step, you're doing something wrong. Yes, ECC can be faster than RSA... but it really doesn't matter for SSL.
(comment deleted)