Re: [Dcrup] I do not like the dcrup ECC document

Eric Rescorla <ekr@rtfm.com> Sun, 09 July 2017 20:49 UTC

From: Eric Rescorla <ekr@rtfm.com>
Date: Sun, 09 Jul 2017 13:48:50 -0700
Message-ID: <CABcZeBOyaOtws2R6MAUGwDi7jGgROSLBGT3vGjXah+JXv0QGZg@mail.gmail.com>
To: John Levine <johnl@taugh.com>
Cc: dcrup@ietf.org, "Salz, Rich" <rsalz@akamai.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/hhnv_Sn7mtvoNljO0HgqFAuBFcA>
Subject: Re: [Dcrup] I do not like the dcrup ECC document

Just as a technical point:

ECDSA works with P-256, P-384, and P-521
EdDSA works with Curve25519 and Curve448

I read the text above as using EdDSA with Curve25519.

-Ekr


On Sun, Jul 9, 2017 at 1:34 PM, John Levine <johnl@taugh.com> wrote:

> In article <14cd0f4ff66348e495e0a7d0da8adc0e@usma1ex-dag1mb1.msg.corp.akamai.com> you write:
> >Speaking as an individual, I think the draft-ietf-dcrup-dkim-ecc is wrong.
> >
> >It specifies curve P256 and ECDSA.
>
> Here's what -03 says:
>
> 3.  EdDSA-SHA256 Signing Algorithm
>
>    The eddsa-sha256 signing algorithm computes a message hash as defined
>    in section 3 of [RFC6376], and signs it with Ed25519, the EdDSA
>    algorithm using the edwards25519 curve, as defined in RFC 8032
>    section 5.1 [RFC8032].  The signing algorithm is PureEdDSA as defined
>    in RFC 8032 section 4, since the input to the signing algorithm has
>    already been hashed.  The DNS record for the verification public key
>    MUST have a "k=eddsa" tag to indicate that the key is an EdDSA rather
>    than RSA key.
>
> If that's not right, please send text.
>
> R's,
> John
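The hash-then-sign flow described in the quoted -03 text, as an added example that is not part of this thread or of the draft: the data is hashed with SHA-256, the 32-byte digest is signed with Ed25519 (PureEdDSA), and the verifier refuses any key record that is not tagged "k=eddsa". The function names, the all-zero seed and the sample header bytes are constructed for illustration; the RFC 6376 section 3 canonicalization that produces the real input is assumed to have already been applied.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// parseKeyRecord splits a key record such as "k=eddsa; p=..." into tags.
func parseKeyRecord(txt string) map[string]string {
	tags := map[string]string{}
	for _, part := range strings.Split(txt, ";") {
		kv := strings.SplitN(strings.TrimSpace(part), "=", 2)
		if len(kv) == 2 { // SplitN keeps base64 "=" padding inside the value
			tags[strings.TrimSpace(kv[0])] = strings.TrimSpace(kv[1])
		}
	}
	return tags
}

// signHash hashes with SHA-256, then signs the digest with PureEdDSA.
func signHash(priv ed25519.PrivateKey, signedData []byte) []byte {
	digest := sha256.Sum256(signedData)
	return ed25519.Sign(priv, digest[:])
}

// verify rejects non-EdDSA key records before touching the signature.
func verify(record string, signedData, sig []byte) error {
	tags := parseKeyRecord(record)
	if tags["k"] != "eddsa" {
		return errors.New("key record is not k=eddsa")
	}
	pub, err := base64.StdEncoding.DecodeString(tags["p"])
	if err != nil || len(pub) != ed25519.PublicKeySize {
		return errors.New("p= is not a 32-byte Ed25519 public key")
	}
	digest := sha256.Sum256(signedData)
	if !ed25519.Verify(ed25519.PublicKey(pub), digest[:], sig) {
		return errors.New("signature does not verify")
	}
	return nil
}

func main() {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // constructed seed
	pub := priv.Public().(ed25519.PublicKey)
	record := "v=DKIM1; k=eddsa; p=" + base64.StdEncoding.EncodeToString(pub)
	data := []byte("from:alice@example.com\r\nsubject:test\r\n") // constructed input
	sig := signHash(priv, data)
	fmt.Println(verify(record, data, sig), verify("v=DKIM1; k=rsa; p=AAAA", data, sig))
}
```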