From 30c85ac981fdad46639ce02aa7e8612601fc5245 Mon Sep 17 00:00:00 2001 From: Jack Lloyd Date: Thu, 13 Oct 2016 14:36:28 -0400 Subject: Add OS2ECP benchmark. Turns out decompressing a point is ~50x slower than checking (x,y) is on the curve. Update relnote accordingly. --- doc/news.rst | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'doc') diff --git a/doc/news.rst b/doc/news.rst index ad3015082..80a8457e3 100644 --- a/doc/news.rst +++ b/doc/news.rst @@ -13,12 +13,8 @@ Version 1.11.33, Not Yet Released * Add support for the TLS Supported Point Formats Extension from RFC 4492. Adds TLS::Policy::use_ecc_point_compression policy option. If supported on both - sides, ECC points can be sent in compressed format, which both saves a few - bytes on the wire and is an inexpensive way of avoiding invalid curve attacks. - For uncompressed points Botan already checks that the point is on the curve so - invalid curve attacks are not possible in either situation, but the point - decompression will typically be cheaper than verifying the point is on the - curve. (GH #645) + sides, ECC points can be sent in compressed format which saves a few bytes + during the handshake. (GH #645) * Fix entropy source selection bug on Windows, which caused the CryptoAPI entropy source to be not available under its normal name "win32_cryptoapi" but -- cgit v1.2.3
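Review bot: In the doc/news.rst hunk for the TLS Supported Point Formats entry, the rewrite drops more than the mistaken cost comparison: it also removes "For uncompressed points Botan already checks that the point is on the curve so invalid curve attacks are not possible in either situation", a security statement that does not depend on the benchmark result and is worth keeping. The new wording also omits the cost the commit message reports (decompressing a point is ~50x slower than checking that (x,y) is on the curve), so a reader deciding whether to enable TLS::Policy::use_ecc_point_compression sees only the byte saving. Suggest retaining the on-curve-check sentence and adding a short clause noting that decoding compressed points costs more CPU than validating uncompressed ones.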