Forum

PCI-DSS Compliance - Disable secp192r1/secp192k1

Lars Holgerson
6 November 2016, 07:31
Hi,

we recently checked our site with https://www.htbridge.com/ and found that secp192r1 and secp192k1 elliptic curves are no longer allowed for PCI-DSS compliance.

It would be great if we could disable these curves using a directive in hiawatha.conf, e.g.:
MinECCcurve = secp224

Or is this only possible by recompiling hiawatha (and change some lines in mbedTLS) ?

Thank you !
This topic has been closed.