IETF Logo Mail Archive

Re: Reasons to include ECC to our charter

Ben Laurie <ben@algroup.co.uk> Thu, 09 August 2001 14:55 UTC

Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA25927 for <openpgp-archive@odin.ietf.org>; Thu, 9 Aug 2001 10:55:33 -0400 (EDT)
Received: by above.proper.com (8.11.3/8.11.3) id f79Eeva17820 for ietf-openpgp-bks; Thu, 9 Aug 2001 07:40:57 -0700 (PDT)
Received: from top.ben.algroup.co.uk (host217-33-142-49.ietf.ignite.net [217.33.142.49]) by above.proper.com (8.11.3/8.11.3) with ESMTP id f79EesN17815 for <ietf-openpgp@imc.org>; Thu, 9 Aug 2001 07:40:55 -0700 (PDT)
Received: from algroup.co.uk (localhost [127.0.0.1]) by top.ben.algroup.co.uk (8.11.1/8.11.1) with ESMTP id f79EeVT05778; Thu, 9 Aug 2001 15:40:31 +0100 (BST) (envelope-from ben@algroup.co.uk)
Message-ID: <3B72A0DF.E8ED3D53@algroup.co.uk>
Date: Thu, 09 Aug 2001 15:40:31 +0100
From: Ben Laurie <ben@algroup.co.uk>
X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.1.1-STABLE-20001015 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Dominikus Scherkl <Dominikus.Scherkl@biodata.com>
CC: "openPGP e-Mail (E-Mail)" <ietf-openpgp@imc.org>
Subject: Re: Reasons to include ECC to our charter
References: <100722F3C53A484B8CF1F14B4F062E9315705F@fra1d001.biodata.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit

Dominikus Scherkl wrote:
> 
> Dear openPGP Working Group,
> 
> Sorry, that I supposed my suggestions for an ECC-extension
> to the openPGP message format to be property of this WG while
> it is only a personal draft.
> 
> Now for my reasons, why this WG should include
> <draft-scherkl-openpgp-ecc-00.txt> to its charter:
> 
> I think it is time to fulfill the promise this WG made by
> reserving space for ECC and ECDSA, if we want to keep this
> standard as wide used as it is.
> 
> Long time has gone since we reserved IDs for ECC algorithms
> and many applications now support ECC but can't provide it in
> an openPGP context. So they uses other standards like S/MIME
> or proprietary protocols to provide these algorithms to those
> who want to enjoy their advantages.
> 
> Different sets of ECC parameters have now been tested long
> enough to outsource all trivialy (and many not so trivial)
> cases that won't provide sufficient security, so ECC becomes
> a "well known" algortithm.
> In this light the somewhat slightly advantages "short keys"
> and "high performance" gain weight due to the lack of
> disadvantages.
> 
> Therefore I'm convinced we can include it in the standard
> without high probability to compromise our security goals.
> 
> The attached draft is thought to be fully conform with the
> openPGP format and even some other standards, and it defines
> all elliptic curves so that no greater changes in the
> future are expected (it keeps no further gaps in the ECC
> definiton as some older suggestions have done).
> If it isn't, I'm sure we can make it with small efford.
> 
> At all, the openPGP standard can only gain by adding this
> draft to the charter.

You can't add it to the _standard_ because of restrictive licensing. I
guess Informational RFCs are possible, but they don't make me happy -
essentially the WG is doing free work, both technical and marketing, for
the owner(s) of the patents.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

v2.23.0 | Report a Bug | By Email