Feature #7970: tls: Log elliptic curve ID - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #7970

open

JL OD

tls: Log elliptic curve ID

Feature #7970: tls: Log elliptic curve ID

Added by Jamie Lavigne 8 months ago. Updated 8 months ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

TBD

Effort:

Difficulty:

Label:

Description

Feature request to support logging the value of the chosen elliptic curve (when used) in TLS event logs. It would be OK for this to be enabled by extended logging.

When elliptic curve protocols are used for key exchange, the chosen curve ID will appear in either the server key exchange message (TLS 1.2) or the key_share extension of the client hello (TLS 1.3). For security monitoring use cases it would be useful to support logging this value in TLS event logs.

History
Notes

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Feature #7970

tls: Log elliptic curve ID

JL Updated by Jamie Lavigne 8 months ago Actions
Copy link
#1

JL Updated by Jamie Lavigne 8 months ago Actions
Copy link
#2

Project

General

Profile

Suricata

Custom queries

Feature #7970

tls: Log elliptic curve ID

JL Updated by Jamie Lavigne 8 months ago ActionsCopy link #1

JL Updated by Jamie Lavigne 8 months ago ActionsCopy link #2

JL Updated by Jamie Lavigne 8 months ago Actions
Copy link
#1

JL Updated by Jamie Lavigne 8 months ago Actions
Copy link
#2