Re: [Cfrg] tentative agenda for CFRG at IETF 89

David McGrew <mcgrew@cisco.com> Sun, 02 March 2014 00:39 UTC

Message-ID: <53127DBE.7070001@cisco.com>
Date: Sat, 01 Mar 2014 19:39:26 -0500
From: David McGrew <mcgrew@cisco.com>
To: Robert Ransom <rransom.8774@gmail.com>
References: <530FDC7A.4060404@cisco.com> <CABqy+srTqCXjOR4DMNgWyxf2pZ7dwZfWyznhBuJaY5w8VeuR4Q@mail.gmail.com> <5310B12E.4070603@cisco.com> <CABqy+srrbtdHOckjPqTj5SFuQwQEqXBjgc8kwagMi8E6ZRf=qg@mail.gmail.com>
In-Reply-To: <CABqy+srrbtdHOckjPqTj5SFuQwQEqXBjgc8kwagMi8E6ZRf=qg@mail.gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/CyZMI79_7ws_BYq28f0uLUARQRA
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] tentative agenda for CFRG at IETF 89

On 02/28/2014 11:16 PM, Robert Ransom wrote:
>
> What is your objection to using the Curve25519 paper as a normative
> reference for the standard Curve25519 scalar multiplication function?
That it is not clear or precise enough. Specifically, it is not 
written so that a hardware or software engineer would know how to 
implement it, and it describes multiple alternatives rather than a 
single specific algorithm.

Let me point out some examples from the end of Section 2 of 
http://cr.yp.to/ecdh/curve25519-20060209.pdf, where the document 
actually defines the curve function: "By Theorem 2.1, there is a unique 
integer s .... with the following property: s = X0(nQ) .... Note that 
Curve25519 is not surjective: in particular, its final output bit is 
always 0 and need not be transmitted." Engineers will be confused by 
the lack of an imperative description of the function, and will not know 
whether to expect the last bit to be transmitted or not.

It would be a disservice to the community to not offer implementers a 
more usable description. If the curve is worth using, it is worth a 
draft that specifies it.

Or perhaps there was another document about the curve that you had in mind?

David
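The "final output bit" question raised in the message above is exactly the kind of thing an imperative specification has to pin down. The following is an added example, not code from this thread or from the Curve25519 paper: a pure-Python Montgomery-ladder X25519 written the way RFC 7748 (published later, in 2016) specifies it. The 32-byte output encodes a 255-bit field element, so the top bit of byte 31 is always 0; RFC 7748 resolves the ambiguity by having the receiver mask that bit off on input, and the constant-time-style swap and the test vectors (RFC 7748 section 6.1) are as given there. Names such as `scalarmult` and `demo` are this example's own.

```python
"""Added example, not part of the original e-mail or of the Curve25519 paper.

X25519 scalar multiplication per RFC 7748, pure Python, to illustrate the
encoding point discussed above: the output is a 255-bit field element in
32 little-endian bytes, so bit 7 of byte 31 is always 0, and the receiver
ignores (masks) that bit on input. Illustrative code, not hardened against
side channels.
"""

P = 2**255 - 19
A24 = 121665          # (486662 - 2) / 4 for y^2 = x^3 + 486662 x^2 + x
BASEPOINT = (9).to_bytes(32, "little")

# Constructed from RFC 7748 section 6.1 test vectors.
ALICE_PRIV = bytes.fromhex(
    "77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a")
ALICE_PUB = bytes.fromhex(
    "8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a")
BOB_PRIV = bytes.fromhex(
    "5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb")
BOB_PUB = bytes.fromhex(
    "de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f")
SHARED = bytes.fromhex(
    "4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742")


def _cswap(swap: int, x: int, y: int):
    """Conditional swap driven by an arithmetic mask rather than a branch."""
    mask = -swap                      # swap=1 -> all ones, swap=0 -> 0
    dummy = mask & (x ^ y)
    return x ^ dummy, y ^ dummy


def decode_scalar(k: bytes) -> int:
    """Clamp per RFC 7748: clear the low 3 bits, clear bit 255, set bit 254."""
    b = bytearray(k)
    b[0] &= 248
    b[31] &= 127
    b[31] |= 64
    return int.from_bytes(b, "little")


def decode_u(u: bytes) -> int:
    """Receiver side: the top bit of byte 31 is masked off, never interpreted."""
    b = bytearray(u)
    b[31] &= 127
    return int.from_bytes(b, "little") % P


def encode_u(u: int) -> bytes:
    """Canonical 32-byte little-endian encoding; bit 255 is necessarily 0."""
    return (u % P).to_bytes(32, "little")


def x25519(k: int, u: int) -> int:
    """Montgomery ladder from RFC 7748 section 5; returns the u-coordinate of k*u."""
    x_1, x_2, z_2, x_3, z_3, swap = u, 1, 0, u, 1, 0
    for t in range(254, -1, -1):
        k_t = (k >> t) & 1
        swap ^= k_t
        x_2, x_3 = _cswap(swap, x_2, x_3)
        z_2, z_3 = _cswap(swap, z_2, z_3)
        swap = k_t
        a = (x_2 + z_2) % P
        aa = a * a % P
        b = (x_2 - z_2) % P
        bb = b * b % P
        e = (aa - bb) % P
        c = (x_3 + z_3) % P
        d = (x_3 - z_3) % P
        da = d * a % P
        cb = c * b % P
        x_3 = (da + cb) ** 2 % P
        z_3 = x_1 * ((da - cb) ** 2) % P
        x_2 = aa * bb % P
        z_2 = e * (aa + A24 * e) % P
    x_2, x_3 = _cswap(swap, x_2, x_3)
    z_2, z_3 = _cswap(swap, z_2, z_3)
    return x_2 * pow(z_2, P - 2, P) % P


def scalarmult(k: bytes, u: bytes) -> bytes:
    """Byte-level X25519 function: clamp k, mask u, compute, encode."""
    return encode_u(x25519(decode_scalar(k), decode_u(u)))


def top_bit_clear(out: bytes) -> bool:
    """The property the paper states: the final output bit is always 0."""
    return out[31] & 0x80 == 0


def demo() -> dict:
    """Derive both public keys and the shared secret, then feed Bob's public
    key with its top bit set: a receiver following RFC 7748 gets the same
    result, because that bit is masked before use."""
    bob_pub_topbit = BOB_PUB[:31] + bytes([BOB_PUB[31] | 0x80])
    return {
        "alice_pub": scalarmult(ALICE_PRIV, BASEPOINT),
        "bob_pub": scalarmult(BOB_PRIV, BASEPOINT),
        "shared_ab": scalarmult(ALICE_PRIV, BOB_PUB),
        "shared_ba": scalarmult(BOB_PRIV, ALICE_PUB),
        "shared_masked": scalarmult(ALICE_PRIV, bob_pub_topbit),
    }


if __name__ == "__main__":
    for name, val in demo().items():
        print(name, val.hex(), "top bit clear:", top_bit_clear(val))
```

The difference between "need not be transmitted" and "MUST be masked on receipt" is what an implementer needs written down: with the RFC's rule, a peer that sets the stray bit still interoperates, and the sender's own output never has it set.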