Re: [TLS] Curve25519 in TLS
Nico Williams <nico@cryptonector.com> Thu, 12 September 2013 21:12 UTC
Return-Path: <nico@cryptonector.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C00B111E822F for <tls@ietfa.amsl.com>; Thu, 12 Sep 2013 14:12:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.927
X-Spam-Level:
X-Spam-Status: No, score=-1.927 tagged_above=-999 required=5 tests=[AWL=0.050, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rsaQiHaM1NYG for <tls@ietfa.amsl.com>; Thu, 12 Sep 2013 14:12:49 -0700 (PDT)
Received: from homiemail-a71.g.dreamhost.com (caiajhbdcbef.dreamhost.com [208.97.132.145]) by ietfa.amsl.com (Postfix) with ESMTP id D222B11E813B for <tls@ietf.org>; Thu, 12 Sep 2013 14:12:49 -0700 (PDT)
Received: from homiemail-a71.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a71.g.dreamhost.com (Postfix) with ESMTP id DB30242807A for <tls@ietf.org>; Thu, 12 Sep 2013 14:12:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type; s=cryptonector.com; bh=LW7kih1ASUld6W02CKh8 p7IGAHw=; b=LeqtuBk+Dzc5s4W9EblVAM4BHUo1enbeuXju7VsFDAGTA5d4iQgq NMs2aKrzpl53lS2FGgd8JsidAQ5pR5ub5uNXGu77CyhXdRPGYpkslBhJNbHHLFy/ wYa5SLOkOi4hoXY9/AlfpcF7b0Lld0zA62v+rC6PN9Spj6Bo+3/LSxY=
Received: from mail-we0-f170.google.com (mail-we0-f170.google.com [74.125.82.170]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a71.g.dreamhost.com (Postfix) with ESMTPSA id 1BC5B428075 for <tls@ietf.org>; Thu, 12 Sep 2013 14:12:42 -0700 (PDT)
Received: by mail-we0-f170.google.com with SMTP id w62so360412wes.15 for <tls@ietf.org>; Thu, 12 Sep 2013 14:12:41 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=sg/db+Qzm6KzkCK9WalD1SmwfiLcUnvk66yuZ1nK8qs=; b=hL9Cs8yb4kcwcMOiY6qNMWKNDbBn5SOh5OrYA8eaeMmHeI/m8sBLM7dkX9UOIopt2K MjHGpkOffBhNo5bKG7od/nXRnhuYRXPNhK0Qu6RLSQN+9K4drGqV6plKwTWg9I364UAu wiMQjkToWls9oMWSP8wsLWArGNgTdxRXnL0R9kzg8zfun8K4DFMPMVwKYBf3LbMLVQJ0 b2I7ql2SqvCTNR0Ao+XpajHG/LI2OSDQY7oFunhhIYolRr2xSMseogE3ph+JI2FjFlkW ltBGTTNJ3uVS5JS/1r4DJNqr6mFViyGdUQzymlO4cB0sT6Eo7pNHhU4xe0FO4srkm5K7 ZEag==
MIME-Version: 1.0
X-Received: by 10.180.206.244 with SMTP id lr20mr7505994wic.45.1379020361698; Thu, 12 Sep 2013 14:12:41 -0700 (PDT)
Received: by 10.216.240.70 with HTTP; Thu, 12 Sep 2013 14:12:41 -0700 (PDT)
In-Reply-To: <52322AA3.4080503@comodo.com>
References: <a84d7bc61003011620i66fc7dfdre62b548fdd5ef7dd@mail.gmail.com> <522D25B9.7010506@funwithsoftware.org> <56C25B1D-C80F-495A-806C-5DD268731CD4@qut.edu.au> <87zjrl21wp.fsf_-_@latte.josefsson.org> <522ED9A7.7080802@comodo.com> <87fvtbi8ow.fsf@latte.josefsson.org> <5231B8ED.7040301@comodo.com> <9330004B-0BC3-4EDB-91EE-5BA14A4A6CEF@checkpoint.com> <52321039.9060503@comodo.com> <5050f932-9321-449a-be2d-0ad8b667f2f2@email.android.com> <52322AA3.4080503@comodo.com>
Date: Thu, 12 Sep 2013 16:12:41 -0500
Message-ID: <CAK3OfOjUor1-_wv3g9_f0YO4Qtufsz1C7z18KRhpFckcdbjXgw@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Rob Stradling <rob.stradling@comodo.com>
Content-Type: text/plain; charset="UTF-8"
Cc: Simon Josefsson <simon@josefsson.org>, Patrick Pelletier <code@funwithsoftware.org>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Curve25519 in TLS
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Sep 2013 21:12:54 -0000
On Thu, Sep 12, 2013 at 3:57 PM, Rob Stradling <rob.stradling@comodo.com> wrote: > On 12/09/13 21:41, Simon Josefsson wrote: >>> So why bother making curve25519 available for key exchange? >> >> For performance reasons? It is more efficient. > > So then... > > ...it sounds like it does make sense, for performance reasons, to allow > Curve25519 (or Ed25519, presumably) to be used for keys in certs too. Yes. Of course, in practice it's much easier to deploy new ECDH curves for key agreement than new signature algorithms because the former are easily negotiated in actual protocols, while the latter are less so. But, yes. Nico --
- [TLS] Testing consensus for adding curve25519 to … Adam Langley
- Re: [TLS] Testing consensus for adding curve25519… Russ Housley
- Re: [TLS] Testing consensus for adding curve25519… Rob P Williams
- Re: [TLS] Testing consensus for adding curve25519… Patrick Pelletier
- Re: [TLS] Testing consensus for adding curve25519… Douglas Stebila
- Re: [TLS] Testing consensus for adding curve25519… Douglas Stebila
- Re: [TLS] Testing consensus for adding curve25519… Nick Mathewson
- [TLS] Curve25519 in TLS Simon Josefsson
- Re: [TLS] Testing consensus for adding curve25519… Nico Williams
- Re: [TLS] Testing consensus for adding curve25519… Douglas Stebila
- Re: [TLS] Testing consensus for adding curve25519… Dan Brown
- Re: [TLS] Curve25519 in TLS Rob Stradling
- Re: [TLS] Testing consensus for adding curve25519… Nick Mathewson
- Re: [TLS] Testing consensus for adding curve25519… Dan Brown
- Re: [TLS] Curve25519 in TLS Simon Josefsson
- Re: [TLS] Testing consensus for adding curve25519… Douglas Stebila
- Re: [TLS] Curve25519 in TLS Kyle Hamilton
- Re: [TLS] Curve25519 in TLS Rob Stradling
- Re: [TLS] Curve25519 in TLS Yoav Nir
- Re: [TLS] Curve25519 in TLS Dan Brown
- Re: [TLS] Curve25519 in TLS Bodo Moeller
- [TLS] Koblitz curves [was RE: Curve25519 in TLS] Dan Brown
- Re: [TLS] Curve25519 in TLS Rob Stradling
- Re: [TLS] Curve25519 in TLS Simon Josefsson
- Re: [TLS] Curve25519 in TLS Rob Stradling
- Re: [TLS] Curve25519 in TLS Nico Williams
- Re: [TLS] Curve25519 in TLS Rob Stradling
- Re: [TLS] Curve25519 in TLS Paul Bakker
- Re: [TLS] Curve25519 in TLS Yoav Nir
- Re: [TLS] Curve25519 in TLS Rob Stradling
- [TLS] Curve25519 in TLS Simon Josefsson
- [TLS] Ed25519 for PKIX Simon Josefsson
- Re: [TLS] Ed25519 for PKIX Adam Langley
- Re: [TLS] Ed25519 for PKIX Simon Josefsson
- Re: [TLS] Curve25519 in TLS Manuel Pégourié-Gonnard
- Re: [TLS] Curve25519 in TLS Martin Rex
- Re: [TLS] Curve25519 in TLS Juho Vähä-Herttua
- Re: [TLS] Curve25519 in TLS Manuel Pégourié-Gonnard
- Re: [TLS] Curve25519 in TLS Watson Ladd
- Re: [TLS] Curve25519 in TLS Manuel Pégourié-Gonnard
- Re: [TLS] Curve25519 in TLS Simon Josefsson
- Re: [TLS] Curve25519 in TLS Martin Rex
- Re: [TLS] Curve25519 in TLS Nico Williams