Re: [TLS] Correction: early codepoint assignment for Curve25519, Curve448, Ed25519 and Ed448

Andrei Popov <> Tue, 19 January 2016 19:00 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 85F0A1B346E for <>; Tue, 19 Jan 2016 11:00:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.012
X-Spam-Status: No, score=-0.012 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id bEWB0ptVoL5a for <>; Tue, 19 Jan 2016 11:00:14 -0800 (PST)
Received: from ( [IPv6:2a01:111:f400:fc10::1:727]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id F2E1B1B346A for <>; Tue, 19 Jan 2016 11:00:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Kw3iAqm+5AXpzasOM5FBho6xXD9C3xqzk3uR+j5Pnw4=; b=EUY2aW/IiEcszKVZ3d0/Ky3Nwjhr/oOrpB5SDH7bThVSKPhHQtTa/FH5PJh1orhzraOOo7jjLkEAGafVDqLczsqWPZVVdCrrubAHWx2mHSUGqNyPfg20OO5netc0Qv6JzdYPn42a1F44LMAMUviYJC6WrsWdTq/xCizAf6NBMdo=
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.1.365.19; Tue, 19 Jan 2016 18:59:54 +0000
Received: from ([]) by ([]) with mapi id 15.01.0365.024; Tue, 19 Jan 2016 18:59:54 +0000
From: Andrei Popov <>
To: David Benjamin <>, Joseph Salowey <>, Brian Smith <>
Thread-Topic: [TLS] Correction: early codepoint assignment for Curve25519, Curve448, Ed25519 and Ed448
Date: Tue, 19 Jan 2016 18:59:54 +0000
Message-ID: <>
References: <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
authentication-results: spf=none (sender IP is );
x-originating-ip: [2001:4898:80e8::1d2]
x-ms-office365-filtering-correlation-id: 3e62db0a-2db2-4fe0-45aa-08d32102b7c9
x-microsoft-exchange-diagnostics: 1; BLUPR03MB1396; 5:yWCHHfvgwTI5PACk/YTh6Jv9qEg2idAAWV4eUfZHE2zw1gymUIMNGt2+qocDq3FHEIB00kyU2xHBW41yJgXGudpLcHCnRqWaHKlmqATL5CeMCI+e2wErfNJUSxVnAfim1f+TllbAtoq3h2UWWD8yYw==; 24:CtivCwK7iKiS5TMDi3AUNr7Bbm1HDfcajWmQGhyQWfTT84YzzxwVMNraWkF1in3W51Ks8RXKj9eo9SK0FBRFp5cmOFP8cFKGINzwO684p/4=
x-exchange-antispam-report-test: UriScan:; BCL:0; PCL:0; RULEID:; SRVR:BLUPR03MB1396; UriScan:;
x-microsoft-antispam-prvs: <>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(601004)(2401047)(5005006)(8121501046)(520078)(10201501046)(3002001)(61426038)(61427038); SRVR:BLUPR03MB1396; BCL:0; PCL:0; RULEID:; SRVR:BLUPR03MB1396;
x-forefront-prvs: 0826B2F01B
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(189002)(377454003)(24454002)(199003)(164054003)(16236675004)(15975445007)(122556002)(19617315012)(5002640100001)(5001770100001)(33656002)(5001960100002)(19300405004)(93886004)(5003600100002)(19580395003)(2950100001)(86612001)(19580405001)(19625215002)(86362001)(2900100001)(97736004)(54356999)(50986999)(76176999)(77096005)(40100003)(74316001)(81156007)(106356001)(19609705001)(189998001)(10400500002)(2906002)(4326007)(8990500004)(106116001)(87936001)(101416001)(92566002)(6116002)(790700001)(10290500002)(11100500001)(102836003)(76576001)(105586002)(5008740100001)(10090500001)(1096002)(586003)(99286002)(1220700001)(5005710100001)(5004730100002)(3826002); DIR:OUT; SFP:1102; SCL:1; SRVR:BLUPR03MB1396;; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None ( does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_BLUPR03MB1396B5360C32F906A8E0E87C8CC10BLUPR03MB1396namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Jan 2016 18:59:54.2694 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR03MB1396
Archived-At: <>
Cc: Adam Langley <>, Simon Josefsson <>, "" <>
Subject: Re: [TLS] Correction: early codepoint assignment for Curve25519, Curve448, Ed25519 and Ed448
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 19 Jan 2016 19:00:17 -0000

Yes, please allocate, esp. 25519. MS will start testing interop soon.



From: TLS [] On Behalf Of David Benjamin
Sent: Tuesday, January 19, 2016 10:01 AM
To: Joseph Salowey <>; Brian Smith <>
Cc: Adam Langley <>; Simon Josefsson <>;
Subject: Re: [TLS] Correction: early codepoint assignment for Curve25519, Curve448, Ed25519 and Ed448

BoringSSL has a pair of implementations ready (in C and in our fork of Go's TLS stack for testing). We're using the value in the TLS 1.3 draft, so 29. It's not currently enabled in any Chrome builds, but I'm expecting to change this soon.


On Tue, Jan 19, 2016 at 12:54 PM Joseph Salowey <<>> wrote:
Any objections to early allocation for X25519 and X448?  Are there implementers with code ready to test interop?



On Thu, Jan 14, 2016 at 3:22 PM, Brian Smith <<>> wrote:
Simon Josefsson <<>> wrote:
Allocating a code point for X25519 could be done and is long overdue
(first draft September 2013).  X448 is also stable.  Code points for
Ed25519 and Ed448 is more problematic since TLS authentication has
historically had interaction with PKIX certs.  I agree with Yoav's
assertion that the curve point verification issue is not big enough to
stall code point allocation.

I agree with this.


TLS mailing list<><>