Re: [Cfrg] When's the decision?
Yoav Nir <ynir.ietf@gmail.com> Fri, 17 October 2014 09:31 UTC
Return-Path: <ynir.ietf@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E59BA1AC3A5 for <cfrg@ietfa.amsl.com>; Fri, 17 Oct 2014 02:31:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dNud9KgEpWof for <cfrg@ietfa.amsl.com>; Fri, 17 Oct 2014 02:31:28 -0700 (PDT)
Received: from mail-wg0-x22e.google.com (mail-wg0-x22e.google.com [IPv6:2a00:1450:400c:c00::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 514961AC3A1 for <cfrg@irtf.org>; Fri, 17 Oct 2014 02:31:28 -0700 (PDT)
Received: by mail-wg0-f46.google.com with SMTP id l18so471585wgh.29 for <cfrg@irtf.org>; Fri, 17 Oct 2014 02:31:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=8ufP9S/3ZLO6y2/BYwKMAyDBgcceemH10U6qrcQprtA=; b=bQc8B0IdGZyiGvuY3ZfuiKtxm6SBQOMsP3KEUr2YK9WkUHsdI60ikyIOUmrp7VN5H/ bTdKr/X76HB5TrmjShHEb6T+gF5gtlad4c01H7wTJ9jwqHg5YM8f3H+PjTouGOiiiZqi 4pDtmGdo6plr3wegEX2PFER0Hv1b//IdLnefEuQ1r7S6PTC+2xwS59ynQ/F4Br9nQtg/ b5eAzH/WrKF8DzAiGNsdbVcEqrmhWVdmCjf6GYH4qbqkmoUlmsAb9JvcMZn8lvMy+W9W hxo7cFXX1titQYlDA9lbkNHv4rHu4uHXHEGeglgA52kUqqtZRo+C6BXL2XUcPv2Dtn+t 7gSA==
X-Received: by 10.180.9.169 with SMTP id a9mr12561530wib.7.1413538286935; Fri, 17 Oct 2014 02:31:26 -0700 (PDT)
Received: from [192.168.1.104] (IGLD-84-228-54-205.inter.net.il. [84.228.54.205]) by mx.google.com with ESMTPSA id i5sm1021047wjz.0.2014.10.17.02.31.25 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 17 Oct 2014 02:31:26 -0700 (PDT)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <2FBC676C3BBFBB4AA82945763B361DE60A76B232@MX17A.corp.emc.com>
Date: Fri, 17 Oct 2014 12:31:23 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <6BDE7CB3-CFBF-441B-B720-2C150F0934CF@gmail.com>
References: <CACsn0cnHDc6_jWf1mXc5kQgj5XEc6dBBZa7K8D2=4uLti5e3aA@mail.gmail.com> <20141008173154.15169.qmail@cr.yp.to> <2FBC676C3BBFBB4AA82945763B361DE608F1D021@MX17A.corp.emc.com> <D065B1D4.3044B%kenny.paterson@rhul.ac.uk> <2FBC676C3BBFBB4AA82945763B361DE60A76B232@MX17A.corp.emc.com>
To: "Parkinson, Sean" <sean.parkinson@rsa.com>
X-Mailer: Apple Mail (2.1878.6)
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/YH0woFS0tQhy9XDClrILzM1Opcs
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] When's the decision?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Oct 2014 09:31:30 -0000
On Oct 17, 2014, at 11:42 AM, Parkinson, Sean <sean.parkinson@rsa.com> wrote: > While I still think that X25519 has speed and implementation simplicity advantages over numsp256t1, the fact that it can only be used for key exchange makes it difficult to recommend - you need another curve implementation anyway. > X25519 is already in use and, even if the CFRG don't recommend it, I believe it will be used - any speed advantage, despite code complexity cost, will be taken by implementers. I disagree. X25519 is in use in some specialized places, sure. But a recommendation from CFRG will lead to a standards-track document (or two) from TLS and another one from IPsecME. That leads to implementations in the major TLS libraries (OpenSSL, NSS, SCHANNEL) which then means it’s implemented in Chrome, Firefox, Internet Explorer and on the server side, most deployments of Apache and nginx. That’s a whole different scale of “used” compared with what we have now. Yoav
- [Cfrg] When's the decision? Watson Ladd
- Re: [Cfrg] When's the decision? Yoav Nir
- Re: [Cfrg] When's the decision? Stephen Farrell
- Re: [Cfrg] When's the decision? Watson Ladd
- Re: [Cfrg] When's the decision? David Jacobson
- Re: [Cfrg] When's the decision? Watson Ladd
- Re: [Cfrg] When's the decision? Michael Hamburg
- Re: [Cfrg] When's the decision? David Jacobson
- Re: [Cfrg] When's the decision? D. J. Bernstein
- [Cfrg] Publicly verifiable benchmarks D. J. Bernstein
- Re: [Cfrg] When's the decision? Parkinson, Sean
- Re: [Cfrg] When's the decision? Watson Ladd
- Re: [Cfrg] When's the decision? Parkinson, Sean
- Re: [Cfrg] When's the decision? Mike Hamburg
- Re: [Cfrg] When's the decision? Parkinson, Sean
- Re: [Cfrg] When's the decision? Phillip Hallam-Baker
- Re: [Cfrg] When's the decision? Mike Hamburg
- Re: [Cfrg] When's the decision? Parkinson, Sean
- Re: [Cfrg] Publicly verifiable benchmarks David Jacobson
- Re: [Cfrg] Publicly verifiable benchmarks Michael Hamburg
- Re: [Cfrg] Publicly verifiable benchmarks Andrey Jivsov
- Re: [Cfrg] Publicly verifiable benchmarks Watson Ladd
- Re: [Cfrg] Publicly verifiable benchmarks Parkinson, Sean
- Re: [Cfrg] Publicly verifiable benchmarks D. J. Bernstein
- Re: [Cfrg] Publicly verifiable benchmarks Michael Hamburg
- [Cfrg] Constant-time implementations D. J. Bernstein
- Re: [Cfrg] Constant-time implementations David Jacobson
- Re: [Cfrg] Constant-time implementations Adam Langley
- Re: [Cfrg] Constant-time implementations Yoav Nir
- Re: [Cfrg] Constant-time implementations Watson Ladd
- Re: [Cfrg] Constant-time implementations Mike Hamburg
- Re: [Cfrg] When's the decision? Paterson, Kenny
- Re: [Cfrg] When's the decision? Parkinson, Sean
- Re: [Cfrg] When's the decision? Ilari Liusvaara
- Re: [Cfrg] When's the decision? Yoav Nir
- [Cfrg] ed448goldilocks vs. numsp384t1 and numsp51… D. J. Bernstein
- Re: [Cfrg] ed448goldilocks vs. numsp384t1 and num… Ilari Liusvaara
- Re: [Cfrg] ed448goldilocks vs. numsp384t1 and num… Michael Hamburg
- Re: [Cfrg] ed448goldilocks vs. numsp384t1 and num… Ilari Liusvaara
- Re: [Cfrg] ed448goldilocks vs. numsp384t1 and num… Michael Hamburg