RE: Comments on ECC draft

["Dominikus Scherkl" <Dominikus.Scherkl@glueckkanja.com>]

> Obviously, people's animosity for Certicom is going to
> get in the way of cleanly standardizing this.


> But, as long as ECC remains undefined in RFC2440bis
> and its successor, I wouldn't consider an implementation
> of ECC in OpenPGP to be violating the standard.

Of course not. That's why we insist for its addition
to the standard.

> If you're planning on putting it in CryptoEx,
> I'll be happy to make sure we interoperate with you.
We won't until it's part of the standard.
We've fully implemented all the mathematics, but integrating
it now will be about the same efford as to change it
after a different protocol is suddenly part of RFC 2440.

> I do agree, though, that your draft should pick a
> curve and stick with it, so that all the OpenPGP-ECC
> implementations are interoperable.

I don't think a single curve would be enough, because
it may have undiscovered weaknesses - and the curves
mentioned in my draft are already in use with other
standards, so I think it's a minimum requirement for
an implementation to support these.

But I agree that adding more curves should not be allowed
to everyone - new curves should be added to the standard
if they become nessessary (and that will be done VERY seldom).

to the draft:
Should I reduce my comments to domain parameters to
those nessessary to understand the format in which the
required curves are encoded? Or may I omit them at all?


By the way: I'm somewhat concerned about my mail to you
still not appeared on the list (and got no error report).
Is there something I must do before my mails are accepted?!?

-- 
Dominikus Scherkl
dominikus.scherkl@glueckkanja.com