Re: [Cfrg] ECC reboot (Was: When's the decision?)

"Paterson, Kenny" <> Thu, 16 October 2014 16:08 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 8A65E1A6FE1 for <>; Thu, 16 Oct 2014 09:08:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id zCYLmz1712DZ for <>; Thu, 16 Oct 2014 09:08:42 -0700 (PDT)
Received: from ( [IPv6:2a01:111:f400:fe00::633]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1705A1A1B98 for <>; Thu, 16 Oct 2014 09:08:42 -0700 (PDT)
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1044.10; Thu, 16 Oct 2014 16:08:18 +0000
Received: from ([]) by ([]) with mapi id 15.00.1049.012; Thu, 16 Oct 2014 16:08:18 +0000
From: "Paterson, Kenny" <>
To: "" <>
Thread-Topic: ECC reboot (Was: When's the decision?)
Thread-Index: AQHP6VtmT0IPqoE8/UeRMNkTGwW65Q==
Date: Thu, 16 Oct 2014 16:08:18 +0000
Message-ID: <>
Accept-Language: en-GB, en-US
Content-Language: en-US
user-agent: Microsoft-MacOutlook/
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
x-microsoft-antispam: BCL:0;PCL:0;RULEID:;SRVR:DBXPR03MB382;
x-exchange-antispam-report-test: UriScan:;
x-forefront-prvs: 036614DD9C
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(51704005)(479174003)(199003)(24454002)(189002)(101416001)(31966008)(120916001)(20776003)(2656002)(36756003)(80022003)(46102003)(66066001)(64706001)(85852003)(74482002)(110136001)(561944003)(106356001)(107046002)(2351001)(107886001)(92726001)(85306004)(76482002)(83506001)(40100003)(122556002)(15202345003)(4396001)(95666004)(86362001)(87936001)(97736003)(21056001)(15975445006)(19580395003)(105586002)(99396003)(54356999)(106116001)(19580405001)(92566001)(50986999)(2501002); DIR:OUT; SFP:1101; SCL:1; SRVR:DBXPR03MB382;; FPR:; MLV:sfv; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
Content-Type: text/plain; charset="us-ascii"
Content-ID: <>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [Cfrg] ECC reboot (Was: When's the decision?)
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 16 Oct 2014 16:08:52 -0000

Dear all,

Watson rightly pointed out that we are far behind the originally
advertised schedule for our process for selection of curves to recommend
to the TLS WG. Other parties in and beyond IETF are waiting on our
recommendations too.

The reasons for the delay are quite complex, and I won't go into reviewing
them here. Suffice to say we've had a lot of really informative technical
discussion about performance of the different options, benchmarking, etc,
so the slippage has not exactly been wasted.

Our first task should be to finalise the requirements that we will use to
guide the selection process. I think we are close, with a couple of
outstanding issues:

1. Amount of "wiggle room" that should be permitted.

2. A more nuanced set of hardware requirements.

I suggest we use the next *week* to try to finalise the requirements, and
then November to evaluate the candidates that we currently have (along
with any new candidates that might emerge) against the final set of

With this schedule, we'd miss the IETF 91 meeting for our decision, but I
don't think having our answer by mid-Novmeber is really feasible. We
should certainly be able to deliver an early Christmas present to the TLS

To make this work, we'd need the RG to focus on the requirements for a
short additional period of time.

So here's a proposal for a new schedule which I believe to be feasible:

24/10/14 (1 week from now): we finalise requirements, including hardware
31/10/14 (2 weeks from now): we agree on whatever benchmarking system
we're going to use for performance measurements. (Right now, supercop
seems like the front runner to me.)
30/11/14 (6 weeks from now): we deliver our recommendations to the TLS WG.

Could people let me know if this looks workable, within the next 24-48
hours? Meantime, I'll send a message indicating where things stand on the
requirements list.



On 06/10/2014 16:26, "Watson Ladd" <> wrote:

>Dear all,
>We were promised on July 27 a process running for 6 weeks. Doubling I
>get 12 weeks, which is three months, of which two (August, September)
>have already gone. Am I correct in supposing that we're on track for a
>decision by Halloween?
>If we aren't, what remaining issues need to be addressed/when can we
>expect a decision?
>Watson Ladd
>Cfrg mailing list