python-ecdsa
python-ecdsa copied to clipboard
Change defaults to more secure
The default curve is prime192v1
- weak, and deprecated/unusable in TLS 1.3
The default hash is sha1
- similarly, weak and deprecated/unusable in TLS 1.3
The library should default to P-256 (as the weakest/fastest curve generally considered safe) and SHA-256 (hash typically paired with it).
Since this would break API compatibility, postpone it till first release that will do that: 1.0