[Cfrg] draft-ladd-safecurves-02 and draft-josefsson-tls-curve25519-03

Simon Josefsson <simon@josefsson.org> Sat, 11 January 2014 16:39 UTC

Return-Path: <simon@josefsson.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 98C181AE050 for <cfrg@ietfa.amsl.com>; Sat, 11 Jan 2014 08:39:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.551
X-Spam-Status: No, score=-1.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id B3t1d0wo8VEB for <cfrg@ietfa.amsl.com>; Sat, 11 Jan 2014 08:39:15 -0800 (PST)
Received: from duva.sjd.se (duva.sjd.se [IPv6:2001:9b0:1:1702::100]) by ietfa.amsl.com (Postfix) with ESMTP id 88C1F1AE046 for <cfrg@irtf.org>; Sat, 11 Jan 2014 08:39:15 -0800 (PST)
Received: from latte.josefsson.org (static-213-115-179-130.sme.bredbandsbolaget.se []) (authenticated bits=0) by duva.sjd.se (8.14.4/8.14.4/Debian-4) with ESMTP id s0BGd2gk013053 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for <cfrg@irtf.org>; Sat, 11 Jan 2014 17:39:04 +0100
X-Hashcash: 1:22:140111:cfrg@irtf.org::wfvWoFdwYuj2lDoo:1jsm
From: Simon Josefsson <simon@josefsson.org>
To: cfrg@irtf.org
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
Date: Sat, 11 Jan 2014 17:39:02 +0100
Message-ID: <87a9f279sp.fsf@latte.josefsson.org>
User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: clamav-milter 0.97.8 at duva.sjd.se
X-Virus-Status: Clean
Subject: [Cfrg] draft-ladd-safecurves-02 and draft-josefsson-tls-curve25519-03
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Jan 2014 16:39:16 -0000

Dear WG,

The TLS document draft-josefsson-tls-curve25519 has been updated in -03
to refer to the document draft-ladd-safecurves-02 that has been
discussed here.  My thinking is that the list of curves that
draft-ladd-safecurves recommends, and potentially/eventually the CFRG
can recommend, is a good list of curves for the TLS WG to consider.
Feedback from this group whether that thinking a good idea or not is

Another aspect came up when doing this.  Our draft includes details on
public/private key representation, shared secret computation, and test
vectors.  Would it make sense to move this to draft-ladd-safecurves
instead?  It seems any IETF protocol would have similar requirements.  I
cannot tell if there are per-protocol specific considerations that may
influence this, making a generic specification difficult.  Thoughts on
this is also appreciated.