OpenSSL Communities

Disabling support of explicit curves in OpenSSL via compilation options

Nicola Tuveri, Fri 16 Jan 2026 4:56AM

Using explicit elliptic curves defined over explicit parameters is often discouraged for security reasons, and there are a number of CVEs assigned to attacks that leverage them as an attack vector.

A new PR has been proposed to disable their support at build time in OpenSSL, and to disable it by default. https://github.com/openssl/openssl/pull/29639 is basically ready and the only remaining question is whether we should disable the support of explicit EC curves by default or not, and when.

Other communities have already chimed in:

I’d like to collect your opinion on this matter and solicit your feedback on the change and how it is going to impact your use cases.
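To judge whether the proposed build default would affect a deployment, the practical question is which EC keys actually carry explicit (specifiedCurve) parameters rather than a named-curve OID. The following is an added example, not code from the PR or from this thread: a standard-library-only DER check on a SubjectPublicKeyInfo; the sample keys, the placeholder public point and the dummy domain values are constructed.

```python
# Added example (not code from the OpenSSL PR or this thread): classify the
# ECParameters CHOICE inside a DER SubjectPublicKeyInfo as namedCurve or
# specifiedCurve (explicit parameters). Standard library only.
ID_EC_PUBLIC_KEY = bytes.fromhex("2a8648ce3d0201")  # 1.2.840.10045.2.1
PRIME256V1 = bytes.fromhex("2a8648ce3d030107")      # 1.2.840.10045.3.1.7
PRIME_FIELD = bytes.fromhex("2a8648ce3d0101")       # 1.2.840.10045.1.1

def der(tag: int, body: bytes) -> bytes:
    """Minimal DER TLV encoder (definite length, up to 65535 bytes)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    if n < 0x100:
        return bytes([tag, 0x81, n]) + body
    return bytes([tag, 0x82, n >> 8, n & 0xFF]) + body

def read_tlv(buf: bytes, pos: int):
    """Decode one TLV at pos; return (tag, value, position after it)."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:                         # long-form length
        nbytes, pos = ln & 0x7F, pos + (ln & 0x7F)
        ln = int.from_bytes(buf[pos - nbytes:pos], "big")
    return tag, buf[pos:pos + ln], pos + ln

def ec_parameter_kind(spki: bytes) -> str:
    """Return 'named', 'explicit' or 'implicitlyCA' for an EC public key."""
    tag, body, _ = read_tlv(spki, 0)                 # SubjectPublicKeyInfo
    tag, alg, _ = read_tlv(body, 0)                  # AlgorithmIdentifier
    tag, oid, pos = read_tlv(alg, 0)
    if tag != 0x06 or oid != ID_EC_PUBLIC_KEY:
        raise ValueError("not an id-ecPublicKey SubjectPublicKeyInfo")
    tag, _, _ = read_tlv(alg, pos)                   # the ECParameters CHOICE
    return {0x06: "named", 0x30: "explicit", 0x05: "implicitlyCA"}.get(tag, "unknown")

def sample_spki(params: bytes) -> bytes:
    """Constructed SPKI: the 65-byte public point is a placeholder, not a real key."""
    point = b"\x00\x04" + b"\x11" * 64               # BIT STRING: 0 unused bits + point
    return der(0x30, der(0x30, der(0x06, ID_EC_PUBLIC_KEY) + params) + der(0x03, point))
NAMED_SPKI = sample_spki(der(0x06, PRIME256V1))
# Constructed SpecifiedECDomain skeleton (version, fieldID, curve, base, order,
# cofactor) with dummy values; only its structure matters for this check.
EXPLICIT_SPKI = sample_spki(der(0x30,
    der(0x02, b"\x01")
    + der(0x30, der(0x06, PRIME_FIELD) + der(0x02, b"\x7f"))
    + der(0x30, der(0x04, b"\x01") + der(0x04, b"\x02"))
    + der(0x04, b"\x04\x05\x06") + der(0x02, b"\x0b") + der(0x02, b"\x01")))

if __name__ == "__main__":
    for name, key in (("named", NAMED_SPKI), ("explicit", EXPLICIT_SPKI)):
        print(name, "->", ec_parameter_kind(key))
```

Certificates carry the same ECParameters CHOICE inside their SPKI, so the same check applies to them; RFC 5915 private keys place the parameters under an explicit [0] tag instead, so a scan over private key files needs that extra step.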

Disabling support for explicit elliptic curves

Poll by Nicola Tuveri, closed Fri 23 Jan 2026 12:00PM


Results

Option                          % of points   Voters
Disable by default for 4.0      80            4: Nicola Tuveri, Shubham Kumar, Peter Gutmann, Billy Brumley
Do not disable by default       20            1: Uri Blumenthal
Disable by default after 4.0    0             0
Undecided                       -             32: Tomas Mraz, Hana Andersen, Anton Arapov, Vashek Matyas, Milan Broz, Jon Ericson, Markku-Juhani O. Saarinen, Douglas Stebila, Hisham Kurdi, David Gould, Sandip Dholakia, Sam, Lakshya Chopra, Martin Bolek, Nicky Mouha, Khushi Chhillar, Brittney Stahl, Maxim Masiutin, Tomas Vavra, Alberto Blanco-Justicia

5 of 37 votes cast (13% participation)

Shubham Kumar, Fri 16 Jan 2026 5:03AM

Disable by default for 4.0

Given the vulnerabilities associated with malicious parameters (such as the CVEs mentioned on GitHub), it is best to disable them by default during compilation. However, I don't know if there are major use cases or applications with it either, except for the one mentioned in the distribution community by Clemens (just got to know). IMO, it will be better to remove it entirely from the codebase to prevent any future attacks.

Nicola Tuveri, Fri 16 Jan 2026 5:03AM

Disable by default for 4.0

I believe this should be disabled by default, but I am on the fence regarding being in time for the 4.0 release. Given this is just a build-time default, and anyway major distributions report these are not in use by most users, I am feeling adventurous and voting for default disabled by 4.0.

To paraphrase Uri, the users that want to shoot themselves (or the distributions that want to enable them) do not lose the option of building with explicit parameters support, if they want to defer past 4.0.

Billy Brumley, Fri 16 Jan 2026 11:52AM

This is legacy stuff that just needs to die. NSS stripped it out a long, long time ago.

Uri Blumenthal, Fri 16 Jan 2026 8:54PM

ECC in general needs to die. However, as long as ECC still lives - explicit curves have their place. Let's not be too heavy-handed here. (I wanted to add that not all the users are idiots, and those that are will find a way to shoot themselves and others in the foot regardless, but you should have experienced that obvious truth already.)