[Cfrg] Unwarrented change to point formats

Watson Ladd <watsonbladd@gmail.com> Sat, 26 July 2014 17:58 UTC

Return-Path: <watsonbladd@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id D5EB11A00D7 for <cfrg@ietfa.amsl.com>; Sat, 26 Jul 2014 10:58:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=unavailable
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id qYcJepzS4f0g for <cfrg@ietfa.amsl.com>; Sat, 26 Jul 2014 10:58:12 -0700 (PDT)
Received: from mail-yh0-x22e.google.com (mail-yh0-x22e.google.com [IPv6:2607:f8b0:4002:c01::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F41031A00B2 for <cfrg@irtf.org>; Sat, 26 Jul 2014 10:58:09 -0700 (PDT)
Received: by mail-yh0-f46.google.com with SMTP id a41so3845104yho.19 for <cfrg@irtf.org>; Sat, 26 Jul 2014 10:58:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=ZK/giULQAqMkglhp45uZvxFOHe/uvKmqg8RLHV2G330=; b=Zm9uSwDUAw58aq2wYx0CoZ1ivkiQlVMz9dOUxOCEKMGy6v9O++qGpgESgI5hYGMRBI Kkd7AobRQOaGn+ESRZYLDKcDiM8gTau082ei3na4JIAKlwpwq4pE9Oli/edkM0gLSi7y ZZHghWDfaRVQDqDmk15g4uhXpkC8VSRnNDFutnplAXGwHXv2Ez/wPXpBgwj0sMoUl325 qfNeslwEPAfVExOFBjNMOVOp9DXbBOPMBctag1vEAQmpJ8r87qhgZhdbbnEp37iq3tyu oSQI5P3Ovqqh7SyFRcRKIpIoSApJzWFuuxsEB93bJ/w+2yuxAtYCQcabNAiXhv99jI2N JpDA==
MIME-Version: 1.0
X-Received: by with SMTP id o10mr34702735yhb.49.1406397489299; Sat, 26 Jul 2014 10:58:09 -0700 (PDT)
Received: by with HTTP; Sat, 26 Jul 2014 10:58:09 -0700 (PDT)
Date: Sat, 26 Jul 2014 10:58:09 -0700
Message-ID: <CACsn0cnf64Lj0om9hzvfZymo1KRG6FOiicfcDw3ysfGwaAby3g@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: "tls@ietf.org" <tls@ietf.org>, "cfrg@irtf.org" <cfrg@irtf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/1mWAxY-jXXW2VyLkRusJgxGKYes
Subject: [Cfrg] Unwarrented change to point formats
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Jul 2014 17:58:20 -0000

Dear all,
Curve25519 was a draft. Curve25519 came back with good reviews from
the CFRG. End of story? No: the TLS WG leadership has decided to ask
for the choice of curves, on nebulous criteria, ignoring existing
drafts, on the basis that the curves must be applicable "IETF wide".

I don't see the reason for this, especially given that OpenSSH has
implemented and deployed Curve25519 and Ed25519, complete with
Montgomery form on the wire.  Arguing that we need twisted Edwards
point formats everywhere for consistency with existing libraries
ignores what has already been deployed and widely adopted.

Watson Ladd