Re: Confusing.
<tinfoilhat>
From NSA advisory:
Certificates with named elliptic curves, manifested by explicit curve OID values, can be ruled benign. For example, the curve OID value for standard curve nistP384 is 1.3.132.0.34. Certificates with explicitly-defined parameters (e.g., prime, a, b, base, order, and cofactor) which fully-match those of a standard curve can similarly be ruled benign.
---
So basically the unexplained magic numbers in the published standard are totally secure.
Hmmm. I'm sure I've seen this movie before ...
</tinfoilhat>
Biting the hand that feeds IT
