Re: [Cfrg] Requirements for curve candidate evaluation update
Alyssa Rowan <akr@akr.io> Thu, 14 August 2014 13:10 UTC
Return-Path: <akr@akr.io>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B9F71A06EE for <cfrg@ietfa.amsl.com>; Thu, 14 Aug 2014 06:10:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1L1wfIrdBR31 for <cfrg@ietfa.amsl.com>; Thu, 14 Aug 2014 06:10:49 -0700 (PDT)
Received: from entima.net (entima.net [78.129.143.175]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C7D31A06EA for <cfrg@irtf.org>; Thu, 14 Aug 2014 06:10:49 -0700 (PDT)
User-Agent: K-9 Mail for Android
In-Reply-To: <CAMm+Lwh7BAGW6hQfqcDeciYk5nvePwe39Szo0zeCn9hrQLgNBA@mail.gmail.com>
References: <CA+Vbu7wuAcmtAKJYEgAaSBTf6sj8pRfYpJhz2qV_ER=33mrk8Q@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C7185A0C8CEB@USMBX1.msg.corp.akamai.com> <CA+Vbu7zfbx-OqU=ggXgutDb+GNwvS3QpkTwzU1c+2Lcv=3Gawg@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C7185A0C9094@USMBX1.msg.corp.akamai.com> <CAMm+Lwg8EZ-MWN4hKxzN+g5L9-GjgEGV49NqYNEnK=34qrkb+w@mail.gmail.com> <53EC4DDD.7010503@akr.io> <CAMm+Lwh7BAGW6hQfqcDeciYk5nvePwe39Szo0zeCn9hrQLgNBA@mail.gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="UTF-8"
From: Alyssa Rowan <akr@akr.io>
Date: Thu, 14 Aug 2014 14:10:38 +0100
To: cfrg@irtf.org
Message-ID: <baaf2afd-3c27-47b8-a04d-6775d258e48d@email.android.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/6bAJJqUJu02G2EZROu4tcwwT-9w
Subject: Re: [Cfrg] Requirements for curve candidate evaluation update
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Aug 2014 13:10:56 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 14 August 2014 13:26:01 BST, Phillip Hallam-Baker <phill@hallambaker.com> wrote: >It isn't quite true to say that you can do everything in hardware or software. There are very specific constraints here to do with side channels and IPR that could have a huge bearing on what curve families are viable and which are not. Well, as per IPR policy: please identify any (still-extant) relevant patents you're aware of? >There are very few serious CAs. So its not surprising there are few ECC roots. We have ECC roots, so do the other leading CAs. But the reason for the lag has been IPR FUD. >From who: Certicom? (Who are on this list.) All the more reason to bring this to the fore, then: if "IPR FUD" is constraining wide PKIX adoption of ECDSA with NIST P256, then there is actually far _less_ legacy for us to be scared of deprecating, and more reason for us to consider carefully the IPR status of every algorithm, technique and curve family considered. We need to recommend things everyone can actually use, royalty-free. - -- /akr -----BEGIN PGP SIGNATURE----- Version: APG v1.1.1 iQI3BAEBCgAhBQJT7LVNGhxBbHlzc2EgUm93YW4gPGFrckBha3IuaW8+AAoJEOyE jtkWi2t6X/MP/3up+kJ9TSSdkSXGijX/Yd50OeLLXFiSWekccVfPI30xUhnh46Hv me17ThmEfdQbGeTmTEDmCfb5kwxvCzR/zZeS5Xw7PSVon3VaKumyGJqRq4Yrpn1a LLXtp6pcR82DWfVZyoAaVMsMdVJQQQyNN9Dsfmhw7qA7TAxwl91vxmmGVXfL5MGM OQziVO5quOBd6KCO19g32ptMVARZqjwNOa27JDI5ubBbOKcX/h2epL1uwUrgBsEv 2zHFEEKWIKEr+n9/WTrBHI6ah6eu2wjUweHFuQuHEBSaPjlRmCI5Odke55pVWPX8 5LgdADemSV/N0k6kFlYFiix9yvZxovpJCSNXW8uwubHqI5D8sW0Y3Dbl/hqWPH+c BixnEgsVvoM5FThzJiO0cUhx4nKKGto6gFxmIrIuQa/W+/ym3G7v+07VRWYBtsF8 ZnZ+O2o3RK3q05Z8JwT9rdx6dLRHu2d04EbbB1dx9FTkm2Tf0Vdq49qe0Dig3L5O 8BHuh05IusAwUH1P9rJH/abZF9BPWA9Lv9AcJunhNx8InhvVZCDURpyoIwS4SP1+ ZGAvUPjuE9yMHYxUjWaX0M8yCi396W5EEFh5W4qxbA9cdxyCAmVYCKdLpzbhDPcw VB5FrSvujl8gD5D3RPc1v4hpvEoDr5PoylBxv3SNYYXnGIHZpTnFMXsh =zFrS -----END PGP SIGNATURE-----
- [Cfrg] Requirements for curve candidate evaluatio… Benjamin Black
- Re: [Cfrg] Requirements for curve candidate evalu… Salz, Rich
- Re: [Cfrg] Requirements for curve candidate evalu… Watson Ladd
- Re: [Cfrg] Requirements for curve candidate evalu… William Whyte
- Re: [Cfrg] Requirements for curve candidate evalu… Mike Hamburg
- Re: [Cfrg] Requirements for curve candidate evalu… Benjamin Black
- Re: [Cfrg] Requirements for curve candidate evalu… Phillip Hallam-Baker
- Re: [Cfrg] Requirements for curve candidate evalu… David Jacobson
- Re: [Cfrg] Requirements for curve candidate evalu… Salz, Rich
- Re: [Cfrg] Requirements for curve candidate evalu… Salz, Rich
- Re: [Cfrg] Requirements for curve candidate evalu… Phillip Hallam-Baker
- Re: [Cfrg] Requirements for curve candidate evalu… Phillip Hallam-Baker
- Re: [Cfrg] Requirements for curve candidate evalu… Benjamin Black
- Re: [Cfrg] Requirements for curve candidate evalu… Benjamin Black
- Re: [Cfrg] Requirements for curve candidate evalu… Alyssa Rowan
- Re: [Cfrg] Requirements for curve candidate evalu… Phillip Hallam-Baker
- Re: [Cfrg] Requirements for curve candidate evalu… Phillip Hallam-Baker
- Re: [Cfrg] Requirements for curve candidate evalu… Alyssa Rowan
- Re: [Cfrg] Requirements for curve candidate evalu… Watson Ladd
- Re: [Cfrg] Requirements for curve candidate evalu… D. J. Bernstein
- Re: [Cfrg] Requirements for curve candidate evalu… Tanja Lange
- Re: [Cfrg] Requirements for curve candidate evalu… Phillip Hallam-Baker