Re: [Cfrg] Curve manipulation, revisited
Rob Stradling <rob.stradling@comodo.com> Tue, 30 December 2014 11:52 UTC

On 29/12/14 21:15, Salz, Rich wrote:
>> Some TLS server software (notably Apache httpd) can already use several
>> certs for the same hostname, where each cert has a different public key
>> algorithm (RSA, DSA, ECC). This means that certs with P-256 and P-384 public
>> keys can be used where there is browser support, with fallback to certs with
>> RSA public keys for the long tail of non-ECC-capable browsers.
>
> Any server that uses OpenSSL can do this, provided they make the calls to register the keypairs. (And only the NIST curves are currently supported.)

Indeed.

BTW Rich, are the OpenSSL team planning to add support for whatever new curve(s) and associated signature algorithm(s) CFRG blesses?

Assuming yes, please will you aim to make it possible for a server to register 4 certs/keypairs - RSA, DSA, NIST ECC and CFRG ECC - for the same hostname (rather than only permit RSA + DSA + 1 ECC option)?

> So that probably includes, nginx, Node.js, anything built on Ruby or Python, etc. Some minor code work (config and making an additional API call) could be required, but that's pretty easy.

Nginx can't do this yet, sadly. I wrote a patch [1], but it's rather bitrotten now [2]. Registering the certs/keypairs with OpenSSL was indeed "minor code work", but the required updates to the Nginx OCSP Stapling code were rather more extensive. One day I'll find time to address the preliminary review comments and finish the job. :-)

[1] http://osdir.com/ml/nginx-development/2013-10/msg00159.html
[2] http://forum.nginx.org/read.php?2,253440

--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online