Good morning Apostolos, answers inline.


For this release, asymmetric encryption wasn’t our first priority becausethe development of the server for key management will be necessary. We are aware about NIST recommendations, but if you want some sense of high encryption and paranoia, we should never use standard curves recommended by NIST.

That said, the solo reason to stick to default values is because we didn’t start the development of the server as well the tests between client/server. 

JS cryptography is already tough to deal with, introduce weak RNGs would make things worse. 
Into this scenario, if for some reason the browser doesn’t support it, we can raise an error or something like that.