RE: Comments on ECC draft

"Dominikus Scherkl" <> Wed, 25 September 2002 08:29 UTC

Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id EAA19116 for <>; Wed, 25 Sep 2002 04:29:14 -0400 (EDT)
Received: (from majordomo@localhost) by (8.11.6/8.11.3) id g8P8JeI04330 for ietf-openpgp-bks; Wed, 25 Sep 2002 01:19:40 -0700 (PDT)
Received: from ( []) by (8.11.6/8.11.3) with ESMTP id g8P8Jcv04323 for <>; Wed, 25 Sep 2002 01:19:39 -0700 (PDT)
Content-Class: urn:content-classes:message
Subject: RE: Comments on ECC draft
Date: Wed, 25 Sep 2002 10:19:31 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-ID: <>
X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0
Thread-Topic: Comments on ECC draft
thread-index: AcJj9uMz10Bl4TTZQJ2HIsZWPnEZHgAcvhWg
From: "Dominikus Scherkl" <>
To: "Len Sassaman" <>
Cc: <>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by id g8P8Jev04327
Precedence: bulk
List-Archive: <>
List-Unsubscribe: <>
List-ID: <>
Content-Transfer-Encoding: 8bit

> Obviously, people's animosity for Certicom is going to
> get in the way of cleanly standardizing this.

> But, as long as ECC remains undefined in RFC2440bis
> and its successor, I wouldn't consider an implementation
> of ECC in OpenPGP to be violating the standard.

Of course not. That's why we insist for its addition
to the standard.

> If you're planning on putting it in CryptoEx,
> I'll be happy to make sure we interoperate with you.
We won't until it's part of the standard.
We've fully implemented all the mathematics, but integrating
it now will be about the same efford as to change it
after a different protocol is suddenly part of RFC 2440.

> I do agree, though, that your draft should pick a
> curve and stick with it, so that all the OpenPGP-ECC
> implementations are interoperable.

I don't think a single curve would be enough, because
it may have undiscovered weaknesses - and the curves
mentioned in my draft are already in use with other
standards, so I think it's a minimum requirement for
an implementation to support these.

But I agree that adding more curves should not be allowed
to everyone - new curves should be added to the standard
if they become nessessary (and that will be done VERY seldom).

to the draft:
Should I reduce my comments to domain parameters to
those nessessary to understand the format in which the
required curves are encoded? Or may I omit them at all?

By the way: I'm somewhat concerned about my mail to you
still not appeared on the list (and got no error report).
Is there something I must do before my mails are accepted?!?

Dominikus Scherkl