Re: [Cfrg] draft-ladd-safecurves-02

Watson Ladd <watsonbladd@gmail.com> Tue, 14 January 2014 21:24 UTC


On Tue, Jan 14, 2014 at 1:05 PM, David McGrew <mcgrew@cisco.com> wrote:
> On 01/11/2014 11:39 AM, Paul Hoffman wrote:
>>
>> On Jan 11, 2014, at 8:24 AM, Alyssa Rowan <akr@akr.io> wrote:
>>
>>> Agreed there. That's a temporary slot, there for the draft, I believe,
>>> but the final reference should I think be more like:
>>>
>>> 7. References
>>>
>>>     [SAFECURVES] Daniel J. Bernstein and Tanja Lange. SafeCurves:
>>>     choosing safe curves for elliptic-curve cryptography.
>>>     <http://safecurves.cr.yp.to>, accessed 11 November 2014.
>>>
>>>     [EFD] Daniel J. Bernstein and Tanja Lange. Explicit-Formulas
>>>     Database, Genus-1 curves over large-characteristic fields.
>>>     <http://www.hyperelliptic.org/EFD/g1p/>, accessed
>>>     11 November 2014.
>>
>> Published academic papers would be *much* more useful than web sites that
>> can change.
>>
>> References in RFCs are not there to prove that the RFC authors did their
>> homework; they are there to help readers assess the validity of statements
>> in the document. When someone reads this RFC 15 years from now, the contents
>> of http://safecurves.cr.yp.to will very likely be more up to date, possibly
>> in a way that negates some of what is said in the document. A reader of the
>> RFC at that point should decide not to implement because of the disagreement
>> between the RFC and the reference; that would be bad.

Possibly not: if a new attack is discovered that safecurves.cr.yp.to
tells the world about before we catch up, it would be great if someone
doesn't implement because of that.

>
>
> Plus one; this is an important point.

And is addressed in the latest draft. (Not yet posted)

Much more substantive is the desire for material on the lines of RFC
6090 to be added: that will take considerably longer than anticipated.
But we have to wait for OIDs anyway.

>
> David
>
>
>> For crypto documents, references to books (specific editions) and IACR
>> papers seem to work just fine.
>>
>> --Paul Hoffman
>> _______________________________________________
>> Cfrg mailing list
>> Cfrg@irtf.org
>> http://www.irtf.org/mailman/listinfo/cfrg
>>



-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither Liberty nor Safety."
-- Benjamin Franklin