diff --git a/CHANGELOG.md b/CHANGELOG.md
index 872b5a1b4..5044b5a1d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,6 +22,8 @@
 
 - Add support for large cookie sessions by chunking. [GH-211]
 
+- Prefer [curve](https://wiki.mozilla.org/Security/Server_Side_TLS) X25519 to P256 for TLS connections. [GH-233]
+
 ## v0.1.0
 
 ### NEW
diff --git a/internal/httputil/https.go b/internal/httputil/https.go
index 4928b146e..215c94ba9 100644
--- a/internal/httputil/https.go
+++ b/internal/httputil/https.go
@@ -178,8 +178,8 @@ func newDefaultTLSConfig(cert *tls.Certificate) *tls.Config {
 		PreferServerCipherSuites: true,
 		// Use curves which have assembly implementations
 		CurvePreferences: []tls.CurveID{
-			tls.CurveP256,
 			tls.X25519,
+			tls.CurveP256,
 		},
 		Certificates: []tls.Certificate{*cert},
 		// HTTP/2 must be enabled manually when using http.Serve