[Cfrg] Status of ECC discussion

Alexey Melnikov <alexey.melnikov@isode.com> Mon, 05 January 2015 18:26 UTC

Return-Path: <alexey.melnikov@isode.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 2EC5E1A87A5 for <cfrg@ietfa.amsl.com>; Mon, 5 Jan 2015 10:26:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.111
X-Spam-Status: No, score=-0.111 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id CTVxbcdPh5jo for <cfrg@ietfa.amsl.com>; Mon, 5 Jan 2015 10:26:26 -0800 (PST)
Received: from waldorf.isode.com (ext-bt.isode.com []) by ietfa.amsl.com (Postfix) with ESMTP id 0BF541A8732 for <cfrg@irtf.org>; Mon, 5 Jan 2015 10:26:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1420482385; d=isode.com; s=selector; i=@isode.com; bh=ZZuQsE+3wsq47ePrzapjEbJ7wTsaiOQ9JcqQvvvosAc=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=AVY3mNIdg/GkJPPb6zgDm3l3JBmRirhgLwDci8amtEAT+Ft2BahQqMT39DqkVJsfL15DJu q7m/FMXoyoYm9WfejCx9Ke4O6kAt8lakqpHLXdZ55I/Wl/DWRHCnE6RV7Ayak1mCc6hQWD /45w+adcCU9Zqx76u4xRcvIrt3u3sOA=;
Received: from [] (cpc5-nmal20-2-0-cust24.19-2.cable.virginm.net []) by waldorf.isode.com (submission channel) via TCP with ESMTPA id <VKrXTgAKaMQB@waldorf.isode.com>; Mon, 5 Jan 2015 18:26:25 +0000
Message-ID: <54AAD751.6060102@isode.com>
Date: Mon, 05 Jan 2015 18:26:25 +0000
From: Alexey Melnikov <alexey.melnikov@isode.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
To: "cfrg@irtf.org" <cfrg@irtf.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/BSzWp5gJAImI0jfCIlixl1u0RkE
Subject: [Cfrg] Status of ECC discussion
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Jan 2015 18:26:28 -0000

Dear CFRG participants,

As many people are accusing chairs of "continuing the farce" and 
generally being slow with declaring consensus on ECs, I think chairs
need to clarify their position and elaborate on what is guiding our actions.

We strive to be impartial. If you don't believe that that is the case, 
please bring this to our attention or appeal to IRTF Chair Lars Eggert.

We believe that having an algorithm for generating suitable secure 
curves at any given level will benefit Internet long term. I personally
don't want to repeat this discussion every couple of years, if I can 
avoid it. This topic caused chairs lots of stress and it is requiring 
too much bandwidth.

We don't want to just rubber stamp curve25519 or any alternative.

We try to steer people to reach some sort of agreement on curves and 
curve generation procedures. Chairs admit that they are not always
successful at that.

There is significant external pressure to get this work complete from 
the TLS WG. Yes, we missed 2 deadlines (and got 2 extensions) already,
but the pressure is still there. If CFRG can't have even rough consensus 
on anything, CFRG will fail to make a positive difference and choices 
will be made elsewhere in IETF, most likely in multiple incompatible 
ways. This is going to be a net loss for the Internet.

After observing recent discussions on the mailing list and answering to 
multiple private emails, chairs are in agreement that we reached the
point of diminishing returns. So we are planning to declare outcome of 
the discussion on curve choices within 2 weeks from today (decision 
about signature algorithm, and point formats will be done after that), 
unless significant new facts are posted on the mailing list. We would 
prefer for that not to be "no consensus". So when posting any email, 
people should be calm and as constructive as possible. Constructive 
proposals like the one made by Adam Langley recently should be the norm, 
not the exception.

Other observations:

Please avoid second guessing other people (including chairs) and 
attributing motives to them.

People MUST NOT imply that other mailing list participants are not 
acting in good faith and they must treat all contributions with respect.
In particular, we don't think that some reaction to work done by authors 
of draft-black-rpgecc was warranted.

Some people are not behaving very professionally on the mailing list. We 
want to remind people that bullying behaviour is not acceptable on CFRG 
mailing list. Chairs are a bit tired of slapping every hand and mouth.

Best Regards,
Kenny & Alexey