Re: [TLS] [Cfrg] Citing specs in specs

Paul Lambert <> Tue, 04 March 2014 05:33 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 1209A1A036C; Mon, 3 Mar 2014 21:33:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.567
X-Spam-Status: No, score=-1.567 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, SPF_PASS=-0.001] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id k6RlryHj7wcn; Mon, 3 Mar 2014 21:33:06 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id B97AA1A0366; Mon, 3 Mar 2014 21:33:06 -0800 (PST)
Received: from pps.filterd ( []) by (8.14.5/8.14.5) with SMTP id s245Wu0d011203; Mon, 3 Mar 2014 21:32:57 -0800
Received: from ([]) by with ESMTP id 1jcrfcv5m0-27 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Mon, 03 Mar 2014 21:32:57 -0800
Received: from ([]) by ([::1]) with mapi; Mon, 3 Mar 2014 21:32:52 -0800
From: Paul Lambert <>
To: Jon Callas <>
Date: Mon, 3 Mar 2014 21:32:52 -0800
Thread-Topic: [Cfrg] Citing specs in specs
Thread-Index: Ac83ay/UcpeQCEuqTpurMCDpBspGng==
Message-ID: <>
References: <> <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
user-agent: Microsoft-MacOutlook/
acceptlanguage: en-US
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.87, 1.0.14, 0.0.0000 definitions=2014-03-04_02:2014-03-03, 2014-03-04, 1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1403030212
X-Mailman-Approved-At: Mon, 03 Mar 2014 23:18:37 -0800
Cc: "" <>, "" <>
Subject: Re: [TLS] [Cfrg] Citing specs in specs
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 04 Mar 2014 05:33:08 -0000

On 3/3/14, 2:52 PM, "Jon Callas" <> wrote:

>On Mar 2, 2014, at 3:40 PM, Paul Lambert <> wrote:
>> Implementations are possible by using the readily available open source
>> implementation.  This is a good thing, but it is also desirable
>> to have a unambiguous description of the algorithms that is not
>> a C code file.  This is why we write RFCs...
>It's hard to disagree with this, in a similar way that it's hard to
>disagree with the idea of peace on earth, living at one with nature, etc.
>But in practice, code needs to be in a computer language rather than
>English and I've seen (and been involved with) a document that started
>with rough consensus and running code, translated that into English, and
>the English was (and is) devilishly hard to compile back into C.
Yes - I¹e seen the same problem.  English is not a concise or clear way to
document an algorithm.

HAC is pretty clear and is a decent example of cryptographic algorithm
descriptions (, but still
uses a mix of math notation and english text.
>Portably implemented algorithms are hard to do in any computer language.
>They're harder to do in words. I don't see how you're going to get an
>unambiguous description of the language in anything but a computer
>language. It doesn't have to be C, it could be Python, Ruby, or Algol-58
>(which I mention because it was originally designed as an algorithmic
>description language). English is a suboptimal implementation language.

Yes, exactly!   'Readable code¹ would be a very good way to provide an
algorithm description.  Why bother with pseudo code when a executable
syntax could be used.   I submitted earlier on this list some Python code
fragments as examples of this approach.  Python allows operator
overloading, so it can provide some very readable ECC algorithm


>	Jon