Hello,
With the advent of HTTP/2, if we want to set up a server compliant with RFC 7540 (which describes the protocol), we MUST support the cipher suite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 with the P-256 elliptic curve (as described here: https://tools.ietf.org/html/rfc7540#section-9.2.2).
As this elliptic curve is probably the weakest one available, I think it could be useful to support several, allowing server admins to support stronger curves while keeping this one for compatibility/compliance reasons.
Currently, the directive "ssl_ecdh_curve" does not seem to be a multi-valued attribute like "ssl-ciphers" can be.
Allowing several curves with server preference would help to improve security and compatibility.
Examples:
ssl_ecdh_curve "brainpoolP512r1:secp521r1:prime256v1";
ssl_prefer_server_ecdh_curve on;
or
ssl_ecdh_curve brainpoolP512r1 secp521r1 prime256v1;
ssl_prefer_server_ecdh_curve off;
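
A model of the selection behaviour requested above, as an added example that is not part of the original post and is not nginx or OpenSSL code. It parses both proposed syntaxes and picks a curve with server or client preference; the client offers are constructed, ssl_prefer_server_ecdh_curve is the post's proposed directive, and the alias table covers only the curves named here.

```python
# Added illustration: models the curve negotiation the post proposes.
# Not nginx/OpenSSL code; "prefer_server" stands in for the proposed
# ssl_prefer_server_ecdh_curve directive.

# The same curve has different names: OpenSSL "prime256v1" is IANA
# "secp256r1" and NIST "P-256"; "secp521r1" is NIST "P-521".
ALIASES = {"secp256r1": "prime256v1", "p-256": "prime256v1", "p-521": "secp521r1"}


def canonical(name):
    """Lower-case a curve name and map known aliases to one spelling."""
    key = name.strip().lower()
    return ALIASES.get(key, key)


def parse_curve_list(value):
    """Accept both syntaxes from the post: "a:b:c" (quoted) or a b c."""
    value = value.strip().rstrip(";").strip().strip('"')
    names = value.replace(":", " ").split()
    if not names:
        raise ValueError("empty curve list")
    seen = set()
    for name in names:
        if canonical(name) in seen:
            raise ValueError(f"duplicate curve: {name}")
        seen.add(canonical(name))
    return names


def select_curve(server_curves, client_curves, prefer_server=True):
    """Return the server's name for the negotiated curve, or None."""
    server = {canonical(n): n for n in server_curves}  # keeps config order
    client = [canonical(n) for n in client_curves]
    if prefer_server:
        common = [c for c in server if c in client]
    else:
        common = [c for c in client if c in server]
    return server[common[0]] if common else None


if __name__ == "__main__":
    server = parse_curve_list('"brainpoolP512r1:secp521r1:prime256v1"')
    # Constructed client offers (IANA names, in client preference order).
    offers = {
        "broad client": ["secp256r1", "secp384r1", "secp521r1"],
        "P-256-only HTTP/2 client": ["secp256r1"],
        "no overlap": ["secp384r1"],
    }
    for label, offer in offers.items():
        for prefer in (True, False):
            print(label, "prefer_server=%s ->" % prefer,
                  select_curve(server, offer, prefer))
```

With the stronger curves listed first and prime256v1 last, a client that offers only P-256 still negotiates it, while a client offering more gets secp521r1 only when server preference is on.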