Re: [Lwip] Fwd: New Version Notification for draft-ietf-lwig-curve-representations-23.txt

Erik Kline <ek.ietf@gmail.com> Wed, 09 February 2022 21:46 UTC

From: Erik Kline <ek.ietf@gmail.com>
Date: Wed, 09 Feb 2022 13:46:08 -0800
Message-ID: <CAMGpriXcW61FS9jBs_qUmceGUF_586bSYQjz-5PEirj=pBXDgw@mail.gmail.com>
To: Rene Struik <rstruik.ext@gmail.com>
Cc: "lwip@ietf.org" <lwip@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lwip/oIzcWIY4YrPE2GkGmHvWoJBpUio>
Subject: Re: [Lwip] Fwd: New Version Notification for draft-ietf-lwig-curve-representations-23.txt

[IESG to bcc]

(I had a couple of draft replies to some of your other emails, but hadn't
sent any.)

After Karthik's kind crypto panel review I figured that draft -23 was as
ready as can be to come back to a telechat.  I had intended, however, to
have one last look at the IANA section since the IANA expert review state
is still marked "Issues identified".

If you think you've addressed all the IANA expert review comments, then I
guess that's okay.  I'll try to see if I can request an IANA expert
re-review of draft -23.

On Wed, Feb 9, 2022 at 7:58 AM Rene Struik <rstruik.ext@gmail.com> wrote:

> Dear Erik:
>
> Could you please make sure the lwig curve draft ends up on the iesg
> telechat agenda again asap?
>
> I think we should (and easily can) get this draft done before there is
> another IESG roster change (due to AD changes in March). Next week, it will
> be precisely one year since this draft was first put on the iesg telechat agenda
> (Feb 18, 2021, to be precise). Let us make sure we do not need candles to
> "celebrate" one year of zero progress.
>
> Thanks for your help!
>
> Apologies for sending this message via the mailing list: however, for some
> reason, none of my offline email messages sent to you since January 13,
> 2022 seemed to have reached you (or, at least, have been replied to). I did
> see other emails from the ek.ietf@gmail.com address, so presume that
> address still works (if this assumption is incorrect, please let me know).
>
> Rene
>
> On 2022-01-21 6:32 p.m., Rene Struik wrote:
>
> Dear colleagues:
>
> I updated the lwig curve draft, so as to take into account (1) another
> crypto review panel review this draft was subjected to by the powers that
> be; (2) discussions on ECDSA with the SHA3 family hash functions that took
> place on the COSE mailing list and offline Nov-early January.
>
> Changes:
>
> a) Section 7 (Implementation Status): included reference to ANSSI's
> (French information security agency) use of lwig curve draft, including
> motivations (hooray);
>
> b) Appendix B.1 (Elliptic Curve Nomenclature): made definition of
> isomorphic curves in Appendix B.1 more precise, via one-sentence change
> (zero impact on draft, but done for completeness);
>
> c) Appendix I (Data Conversions): added Definition of ASCII symbols (with
> reference to RFC 20);
>
> d) Appendix Q (ECDSA): corrected numerical examples for ECDSA w/ Wei25519
> and SHAKE-128 (Appendix Q.3.2) and ECDSA w/ Wei448 and SHAKE-256 (Appendix
> Q.3.3). Here, it turned out that the Python code in Sage that I used
> incorrectly implements the FIPS 202 specification of SHAKE128 and SHAKE256.
> To do this properly, I implemented all SHA3 functions from scratch on the
> bit-level and had this vetted independently via contacts at NIST. To
> indicate that ECDSA w/ Wei448 and SHAKE256 uses FIPS 202-conformant
> SHAKE256, I added in Section 4.3 as reference to FIPS 202 "see Section 6.3
> of [FIPS 202]". BTW - adding ASCII (point c) above) was motivated by
> desire to avoid bit/byte-ordering ambiguity and set the record straight.
>
> I made a few (very few) typographical and cosmetic changes throughout the
> document, in an attempt to make the crypto review panel reviewer happy.
> (Time will tell.)
>
> I hope this helps.
>
> Best regards, Rene
> -------- Forwarded Message --------
> Subject: New Version Notification for
> draft-ietf-lwig-curve-representations-23.txt
> Date: Fri, 21 Jan 2022 14:56:26 -0800
> From: internet-drafts@ietf.org
> To: Rene Struik <rstruik.ext@gmail.com>
>
>
> A new version of I-D, draft-ietf-lwig-curve-representations-23.txt
> has been successfully submitted by Rene Struik and posted to the
> IETF repository.
>
> Name: draft-ietf-lwig-curve-representations
> Revision: 23
> Title: Alternative Elliptic Curve Representations
> Document date: 2022-01-21
> Group: lwig
> Pages: 150
> URL:
> https://www.ietf.org/archive/id/draft-ietf-lwig-curve-representations-23.txt
> Status:
> https://datatracker.ietf.org/doc/draft-ietf-lwig-curve-representations/
> Htmlized:
> https://datatracker.ietf.org/doc/html/draft-ietf-lwig-curve-representations
> Diff:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-lwig-curve-representations-23
>
> Abstract:
> This document specifies how to represent Montgomery curves and
> (twisted) Edwards curves as curves in short-Weierstrass form and
> illustrates how this can be used to carry out elliptic curve
> computations leveraging existing implementations and specifications
> of, e.g., ECDSA and ECDH using NIST prime curves. We also provide
> extensive background material that may be useful for implementers of
> elliptic curve cryptography.
>
>
>
>
> The IETF Secretariat
>
>
>
> --
> email: rstruik.ext@gmail.com | Skype: rstruik
> cell: +1 (647) 867-5658 | US: +1 (415) 287-3867
>
>