RFC 5246 7.4.2 Server Certificate
Certificate order: server certificate first, followed by intermediates and root
RFC 5280 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
Use the Mozilla SSL Configuration Generator to generate a strong SSL configuration: https://ssl-config.mozilla.org/
ECC
- Use NIST SuiteB P-256 or P-384 curves
- Choosing an Elliptic Curve in 2022
https://soatok.blog/2022/05/19/guidance-for-choosing-an-elliptic-curve-signature-algorithm-in-2022/
https://support.globalsign.com/ssl/ssl-certificates-life-cycle/ecc
Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf (SP800-186)
If the server is configured with an ECDSA signature certificate, either curve P-256 or curve P-384 should be used for the public key in the certificate.
ECDSA key lengths, page 6: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-186.pdf
Certificate management
https://www.nccoe.nist.gov/tls-server-certificate-management
NIST SP 800-131A Rev. 2 Transitioning the Use of Cryptographic Algorithms and Key Lengths https://csrc.nist.gov/pubs/sp/800/131/a/r2/final
Recommendation for Key Management: Part 2 - Best Practices for Key Management Organizations https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt2r1.pdf
CAB Forum https://cabforum.org/documents/
RFC 9325 Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
RFC 8446 - The Transport Layer Security (TLS) Protocol Version 1.3
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf Table 2 Acceptable key lengths
= 224 bits of security strength for ECDSA and EdDSA
RSA >= 2048
NIST Special Publication 800-56A Revision 3 Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf
