Re: [Cfrg] Requirements for curve candidate evaluation update

Phillip Hallam-Baker <phill@hallambaker.com> Wed, 13 August 2014 23:48 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 48C021A01EA for <cfrg@ietfa.amsl.com>; Wed, 13 Aug 2014 16:48:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1Bt2omLcS7JJ for <cfrg@ietfa.amsl.com>; Wed, 13 Aug 2014 16:48:47 -0700 (PDT)
Received: from mail-lb0-x236.google.com (mail-lb0-x236.google.com [IPv6:2a00:1450:4010:c04::236]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D79C71A00E9 for <cfrg@ietf.org>; Wed, 13 Aug 2014 16:48:46 -0700 (PDT)
Received: by mail-lb0-f182.google.com with SMTP id z11so377374lbi.13 for <cfrg@ietf.org>; Wed, 13 Aug 2014 16:48:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type:content-transfer-encoding; bh=SU4azxSjzxVA5C1yRv9pNHycUWGRdwOqR5XjvDu9NE4=; b=WSaKOroA/8QBKagrJTiF6izl9Mh9cG70q0MCqkfSbunHqms/DGjPgas5QQv9DEJbdk r4mwCfrInvAc8A4fiZzjSMAMcqcdo6/704wExtyqG+Ssklvj0nW9ADA27KbkadgCaN65 pGVo+8dsiuhEaobrdVUt0MlcZxzl8r+Ayxc4QerGoTJ6xeiepSDYSF4Cas03nFOCPZec KoXbWXEh3WqemZxvGCfIXgHCtzsmt41bPA1uVc0+ChY4m+IEXTAzRt3edKHyglIIbDMl hMwUpipwi74y6OzfbeSZOUMJV9gmcmiRnuwAFgZKxjsVjzCVM/aLj2E4cPyitUlhNKd6 k2pQ==
MIME-Version: 1.0
X-Received: by 10.152.23.6 with SMTP id i6mr1073520laf.39.1407973724844; Wed, 13 Aug 2014 16:48:44 -0700 (PDT)
Sender: hallam@gmail.com
Received: by 10.112.122.50 with HTTP; Wed, 13 Aug 2014 16:48:44 -0700 (PDT)
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C7185A0C8CEB@USMBX1.msg.corp.akamai.com>
References: <CA+Vbu7wuAcmtAKJYEgAaSBTf6sj8pRfYpJhz2qV_ER=33mrk8Q@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C7185A0C8CEB@USMBX1.msg.corp.akamai.com>
Date: Wed, 13 Aug 2014 19:48:44 -0400
X-Google-Sender-Auth: enzb_xVNhzhI50cNHysdzYRwOKk
Message-ID: <CAMm+LwikFfC7AoPyYn8EQsKXiv9X1uvGrdmwRXxiqcCSvNZsqA@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: "Salz, Rich" <rsalz@akamai.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/iHmbInA-JWYg6AxsmUJOpuiFGMQ
Cc: "cfrg@ietf.org" <cfrg@ietf.org>
Subject: Re: [Cfrg] Requirements for curve candidate evaluation update
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Aug 2014 23:48:49 -0000

I really could care less about wire formats. They are completely
mutable at this point.

The only place where I have real legacy problems is in HSM support.
Long term signature keys have to be generated and stored in HSMs. And
no, that is not a 'nice to have feature', it is a 'be prepared to be
laughed at and told that you completely wasted your time' if it isn't
met type of feature.

I don't need to be able to use my existing HSMs but if the curves
chosen are not supported by any existing hardware and it takes 3 years
for it to become available then its going to delay everything (apart
from EDH).






On Tue, Aug 12, 2014 at 6:05 PM, Salz, Rich <rsalz@akamai.com> wrote:
> I have asked before, perhaps you missed it.
>
>
>
> I take exception to your claims that “single curve model” and “no change to
> wire formats” are facts on the ground.  Can you justify that?
>
>
>
> --
>
> Principal Security Engineer
>
> Akamai Technologies, Cambridge MA
>
> IM: rsalz@jabber.me Twitter: RichSalz
>
>
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> http://www.irtf.org/mailman/listinfo/cfrg
>