File tree Expand file tree Collapse file tree 1 file changed +5
-4
lines changed
Expand file tree Collapse file tree 1 file changed +5
-4
lines changed Original file line number Diff line number Diff line change @@ -1763,11 +1763,12 @@ to speed up repeated connections from the same clients.
17631763
17641764.. method :: SSLContext.set_ecdh_curve(curve_name)
17651765
1766- Set the curve name for Elliptic Curve-based Diffie-Hellman (ECDH) key
1766+ Set the curve names for Elliptic Curve-based Diffie-Hellman (ECDH) key
17671767 exchange. ECDH is significantly faster than regular DH while arguably
1768- as secure. The *curve_name * parameter should be a string describing
1769- a well-known elliptic curve, for example ``prime256v1 `` for a widely
1770- supported curve.
1768+ as secure. The *curve_name * parameter should be a colon separated string describing
1769+ one or more well-known elliptic curves, for example ``prime256v1 `` for a widely
1770+ supported curve, or ``prime256v1:brainpoolP384r1 `` to specify two curves that will be
1771+ used on a client hello.
17711772
17721773 This setting doesn't apply to client sockets. You can also use the
17731774 :data: `OP_SINGLE_ECDH_USE ` option to further improve security.
You can’t perform that action at this time.
0 commit comments