Re: [Cfrg] ECC reboot

Benjamin Black <b@b3k.us> Sat, 18 October 2014 00:11 UTC

In-Reply-To: <m3r3y6z3z8.fsf@carbon.jhcloos.org>
References: <D065A817.30406%kenny.paterson@rhul.ac.uk> <54400E9F.5020905@akr.io> <CAMm+LwhVKBfcfrXUKmVXKsiAMRSTV+ws+u07grmxkfnR2oYJoQ@mail.gmail.com> <5218FD35-E00A-413F-ACCB-AA9B99DEF48B@shiftleft.org> <m3r3y6z3z8.fsf@carbon.jhcloos.org>
From: Benjamin Black <b@b3k.us>
Date: Fri, 17 Oct 2014 17:10:00 -0700
Message-ID: <CA+Vbu7x4Y_=JZ9Ydp=U5QnJokL28QMQnV4XUn9S6+CUZR9ozEw@mail.gmail.com>
To: James Cloos <cloos@jhcloos.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/vsLDKZgNEtNouctgrpFGs0KOJzM
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] ECC reboot

On Fri, Oct 17, 2014 at 4:11 PM, James Cloos <cloos@jhcloos.com> wrote:

> >>>>> "MH" == Michael Hamburg <mike@shiftleft.org> writes:
>
> MH> I looked at Mozilla’s included CAs.  There are four ECC certs there,
> MH> all of them on the NIST secp384r1 curve.  So they apparently do not
> MH> consider ~512 bits necessary, but if the only choices are 256 and 512
> MH> I suppose they will go with 512.
>
> The nist 2^521-1 curve probably wasn't available in enough software.
>
> Presumably for the same reason suite-B lost it.  (Which, AIUI, was some
> ipr claim, yes?)
>
>
>
Per an earlier thread, P521 was not intended to be in Suite B, but AES-192
was. Since AES-192 was not broadly implemented, P384 was paired with
AES-256, instead.


b