Re: [TLS] On Curve25519 and other possibilities (e.g. ietf256p, ietf384p, ietf521p,

Michael StJohns <msj@nthpermutation.com> Sat, 28 June 2014 22:55 UTC


On 6/28/2014 6:24 PM, Salz, Rich wrote:
>> *sigh*  If the IETF is really going to get into the business of standardizing
>> crypto, we need to get the process for doing so right the first time rather
>> than just plugging it in to TLS and hoping we don't have to redo it over and
>> over again.
> Agree.  But again, it's "back into the business"  Because we did it before with TLS1, IPsec, and ECC curves therein.

Um... huh?  Can you provide specifics about which cryptographic
algorithms we standardized?  This is news to me.

And I'm not talking about "here's how you use ECDSA for TLS or ECDH
for IPSEC" documents, but something comparable to SP800-56A or FIPS186-4
or X9.63.

Mike