Re: [Cfrg] draft-ladd-safecurves-02

Paul Hoffman <paul.hoffman@vpnc.org> Sat, 11 January 2014 16:40 UTC

Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E638F1AE061 for <cfrg@ietfa.amsl.com>; Sat, 11 Jan 2014 08:40:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.347
X-Spam-Level:
X-Spam-Status: No, score=-1.347 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_MISMATCH_COM=0.553] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gPNs0YOTvqK6 for <cfrg@ietfa.amsl.com>; Sat, 11 Jan 2014 08:40:11 -0800 (PST)
Received: from hoffman.proper.com (IPv6.Hoffman.Proper.COM [IPv6:2605:8e00:100:41::81]) by ietfa.amsl.com (Postfix) with ESMTP id 8F0EA1AE046 for <cfrg@irtf.org>; Sat, 11 Jan 2014 08:40:11 -0800 (PST)
Received: from [10.20.30.90] (50-1-51-230.dsl.dynamic.fusionbroadband.com [50.1.51.230]) (authenticated bits=0) by hoffman.proper.com (8.14.7/8.14.7) with ESMTP id s0BGJu4q046965 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Sat, 11 Jan 2014 09:19:57 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
X-Authentication-Warning: hoffman.proper.com: Host 50-1-51-230.dsl.dynamic.fusionbroadband.com [50.1.51.230] claimed to be [10.20.30.90]
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 7.1 \(1827\))
From: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <52D17058.1050200@akr.io>
Date: Sat, 11 Jan 2014 08:39:56 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <592EE701-2C57-45B0-B8DA-F96B5C95B51C@vpnc.org>
References: <20140111003703.6111382.10153.8425@certicom.com> <52D17058.1050200@akr.io>
To: Alyssa Rowan <akr@akr.io>
X-Mailer: Apple Mail (2.1827)
Cc: "cfrg@irtf.org CFRG" <cfrg@irtf.org>
Subject: Re: [Cfrg] draft-ladd-safecurves-02
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Jan 2014 16:40:13 -0000

On Jan 11, 2014, at 8:24 AM, Alyssa Rowan <akr@akr.io> wrote:

> Agreed there. That's a temporary slot, there for the draft, I believe,
> but the final reference should I think be more like:
> 
> 7. References
> 
>    [SAFECURVES] Daniel J. Bernstein and Tanja Lange. SafeCurves:
>    choosing safe curves for elliptic-curve cryptography.
>    <http://safecurves.cr.yp.to>, accessed 11 November 2014.
> 
>    [EFD] Daniel J. Bernstein and Tanja Lange. Explict-Formulas
>    Database, Genus-1 curves over large-characteristic fields.
>    <http://www.hyperelliptic.org/EFD/g1p/>, accessed
>    11 November 2014.

Published academic papers would be *much* more useful than web sites that can change.

References in RFCs are not there to prove that the RFC authors did their homework; they are there to help readers assess the validity of statements in the document. When someone reads this RFC 15 years from now, the contents of http://safecurves.cr.yp.to will very likely be more up to date, possibly in a way that negates some of what is said in the document. A reader of the RFC at that point should decide not to implement because of the disagreement between the RFC and the reference; that would be bad.

For crypto documents, references to books (specific editions) and IACR papers seem to work just fine.

--Paul Hoffman