Re: [Cfrg] revised requirements for new curves

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 08 September 2014 14:42 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/iuwjkb8-ynsxp2hDdbu-ESIkUdE

Hiya,

Good job and good to see this progressing towards completion.
Thanks for both.

On 08/09/14 11:23, Paterson, Kenny wrote:
> 
> SE5. Required: each set of curve parameters should be generated by a
> well-defined procedure that allows only a limited and quantified amount of
> flexibility. If the selected procedure involves the choice of an initial
> seed, then the seed will be selected by multiple independent parties using
> a procedure having the property that no collusion of all but one or fewer
> of the parties can exert any control over the chosen seed. [RC]

A clarification question: the above reads a bit like the result
has to be a curve that hasn't yet been documented. I assume that
it's ok if e.g. 25519 and/or one of msft's are picked and that this
is not meant to rule those out. It might be worth stating that e.g.
along the lines of "Note that SE5 does not rule out selection of
an already documented curve or curves should there be consensus
that this requirement has been met sufficiently."

If you do mean to rule those out, then I think that really would
need to be crystal clear.

Other than that:

On IN1 and IN2 I agree with William's comment. And since that
is to the effect that those don't help or hinder selections
I'm ok with the text as-is.

On IP1, I do agree with the intent, but that might need to be
reworded to keep everyone happy - one can never know for sure
that royalty-free anything is possible. But I'm ok with the
wording as-is, since adding the equivalent of "as far as it's
possible to know" doesn't matter so much given that CFRG cannot
afaik yet do the impossible;-)

Ta,
S.