Re: [Cfrg] Recommending secp256k1 in FIPS 186-5

Jim Schaad <ietf@augustcellars.com> Thu, 19 December 2019 19:18 UTC

From: Jim Schaad <ietf@augustcellars.com>
To: 'Neil Madden' <neil.e.madden@gmail.com>, 'Tony Arcieri' <bascule@gmail.com>
CC: 'CFRG' <cfrg@irtf.org>
Date: Thu, 19 Dec 2019 11:18:37 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/xXGuxv-_Dak8OE_GrAfUMQiAvFM>
Subject: Re: [Cfrg] Recommending secp256k1 in FIPS 186-5

 

 

From: Cfrg <cfrg-bounces@irtf.org> On Behalf Of Neil Madden
Sent: Thursday, December 19, 2019 9:56 AM
To: Tony Arcieri <bascule@gmail.com>
Cc: CFRG <cfrg@irtf.org>
Subject: Re: [Cfrg] Recommending secp256k1 in FIPS 186-5

 

On 19 Dec 2019, at 17:03, Tony Arcieri <bascule@gmail.com> wrote:

On Thu, Dec 19, 2019 at 7:30 AM Dan Burnett <daniel.burnett@consensys.net> wrote:

My company and others are concerned about the lack of endorsement for secp256k1 in this standard and have drafted a request for its addition.[2]  We would welcome any comments and/or support from this group and/or any of its members (directly in the Google Doc linked below).  All comments are welcome, including those arguing against this request :)

 

Unless I'm mistaken, no IETF protocols use secp256k1 either, nor has the CFRG ever recommended it.

 

But see https://datatracker.ietf.org/doc/draft-ietf-cose-webauthn-algorithms/ ...

 

[JLS] This is being done for a W3C protocol and not for an IETF protocol.  There was some pushback from me at least to see if this was really necessary.  It is being marked as NOT RECOMMENDED by the IETF.

 

Jim

 

Neil