Re: [Dcrup] I do not like the dcrup ECC document
"Rose, Scott" <scott.rose@nist.gov> Fri, 07 July 2017 15:30 UTC
Return-Path: <scott.rose@nist.gov>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B39C2131645 for <dcrup@ietfa.amsl.com>; Fri, 7 Jul 2017 08:30:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zKouckR6roXC for <dcrup@ietfa.amsl.com>; Fri, 7 Jul 2017 08:30:09 -0700 (PDT)
Received: from wsget1.nist.gov (wsget1.nist.gov [IPv6:2610:20:6005:13::150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4475B13163C for <dcrup@ietf.org>; Fri, 7 Jul 2017 08:30:09 -0700 (PDT)
Received: from WSGHUB1.xchange.nist.gov (129.6.42.34) by wsget1.nist.gov (129.6.13.150) with Microsoft SMTP Server (TLS) id 14.3.319.2; Fri, 7 Jul 2017 11:29:53 -0400
Received: from postmark.nist.gov (129.6.16.94) by mail-g.nist.gov (129.6.42.33) with Microsoft SMTP Server id 14.3.319.2; Fri, 7 Jul 2017 11:30:06 -0400
Received: from [129.6.140.7] (7-140.antd.nist.gov [129.6.140.7]) by postmark.nist.gov (8.13.8/8.13.1) with ESMTP id v67FTsVw026375 for <dcrup@ietf.org>; Fri, 7 Jul 2017 11:29:54 -0400
From: "Rose, Scott" <scott.rose@nist.gov>
To: "dcrup@ietf.org" <dcrup@ietf.org>
Date: Fri, 07 Jul 2017 11:29:54 -0400
Message-ID: <4B905074-9A3A-4C03-B5E0-15928E2BA636@nist.gov>
In-Reply-To: <95440.1499441107@eng-mail01.juniper.net>
References: <14cd0f4ff66348e495e0a7d0da8adc0e@usma1ex-dag1mb1.msg.corp.akamai.com> <D8F33B2B-42CB-4057-9567-CDEC37369C21@nist.gov> <3509c4a1901e49d885e2dd3205a95be8@usma1ex-dag1mb1.msg.corp.akamai.com> <95440.1499441107@eng-mail01.juniper.net>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.6r5347)
X-NIST-MailScanner-Information:
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/3wz9Mcbc96Y_QlR9r5Vikt5lv2Y>
Subject: Re: [Dcrup] I do not like the dcrup ECC document
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Jul 2017 15:30:12 -0000
On 7 Jul 2017, at 11:25, Mark D. Baushke wrote: >> Or can those who need FIPS algorithms for signing keys stick with >> RSA? > > If what I heard at the ICMC17 conference this year is correct, then I > believe that Ed 25519 and/or Ed 448 will be getting added to the list > of > approved algorithms before too long (within the next year). > > -- Mark From inter-office talk, yes it will be added, and everyone wants to be added. Bureaucracy and sudden fire drills slow things down. I would like for this draft to not be needed, and one option is to just continue to use 2048-bit RSA for DKIM until the curves are added. That is the only apparent way forward for now. Scott =================================== Scott Rose NIST ITL scott.rose@nist.gov +1-301-975-8439 GV: +1-571-249-3671 ===================================
- [Dcrup] I do not like the dcrup ECC document Salz, Rich
- Re: [Dcrup] I do not like the dcrup ECC document Mark D. Baushke
- Re: [Dcrup] I do not like the dcrup ECC document Rose, Scott
- Re: [Dcrup] I do not like the dcrup ECC document Salz, Rich
- Re: [Dcrup] I do not like the dcrup ECC document Mark D. Baushke
- Re: [Dcrup] I do not like the dcrup ECC document Rose, Scott
- Re: [Dcrup] I do not like the dcrup ECC document Scott Kitterman
- Re: [Dcrup] I do not like the dcrup ECC document denis bider
- Re: [Dcrup] I do not like the dcrup ECC document John Levine
- Re: [Dcrup] I do not like the dcrup ECC document Eric Rescorla
- Re: [Dcrup] I do not like the dcrup ECC document Russ Housley
- Re: [Dcrup] I do not like the dcrup ECC document John R Levine
- Re: [Dcrup] I do not like the dcrup ECC document John R Levine
- Re: [Dcrup] I do not like the dcrup ECC document Scott Kitterman
- Re: [Dcrup] I do not like the dcrup ECC document Murray S. Kucherawy
- Re: [Dcrup] I do not like the dcrup ECC document Brandon Long