Re: [TLS] Strawman on EdDSA/Ed25519 in TLS

Rick Andrews <> Tue, 23 June 2015 11:42 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id E5B931B2B12 for <>; Tue, 23 Jun 2015 04:42:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 4KgPbKvdEG39 for <>; Tue, 23 Jun 2015 04:42:07 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 471641B2B56 for <>; Tue, 23 Jun 2015 04:42:07 -0700 (PDT)
X-AuditID: d80ac3f3-f798f6d000007a91-e8-558945ffc38d
Received: from ( []) by (Symantec Brightmail Gateway out) with SMTP id 01.0D.31377.FF549855; Tue, 23 Jun 2015 12:41:51 +0100 (BST)
Received: from [] (helo=TUS1XCHHUBPIN02.SYMC.SYMANTEC.COM) by with esmtp (Exim 4.76) (envelope-from <>) id 1Z7MaN-0006DH-RT for; Tue, 23 Jun 2015 11:41:51 +0000
Received: from TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM ([]) by TUS1XCHHUBPIN02.SYMC.SYMANTEC.COM ([]) with mapi; Tue, 23 Jun 2015 04:42:01 -0700
From: Rick Andrews <>
To: "" <>
Date: Tue, 23 Jun 2015 04:41:48 -0700
Thread-Topic: Strawman on EdDSA/Ed25519 in TLS
Thread-Index: AdCtqS/mNgMErVLqQfeSDIsgN1W6mQ==
Message-ID: <544B0DD62A64C1448B2DA253C011414615B1DD55AC@TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
acceptlanguage: en-US
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_0292_01D0AD6E.E9FA30C0"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprHIsWRmVeSWpSXmKPExsVyYMU1bd3/rp2hBhvvmFt8Ot/F6MDosWTJ T6YAxigum5TUnMyy1CJ9uwSujMZD31kKTvhWfO6fxNjAON2zi5GTQ0LAROLf+g+MELaYxIV7 69m6GLk4hAQ+MEpcbu1mh3D+MkqcON3LCuGsYpS4saGfDaSFTUBPYsvjK+wgtoiAosSOq91g NouAqsTbd0/BaoQF9CX2LdvMClGjL7Hxxn1GCFtPYvLW6ywgNq9AlMTDs1/BehmBzvh+ag0T iM0sIC5x68l8JojzRCQeXjzNBmGLSrx8/I8Vol5U4k77ekaI+l5Gia3/XCFmCkqcnPmEZQKj 8Cwko2YhKZuFpGwWIwdQXE+ibSMjRIm8xPa3c5ghbGuJGb8OskHYihJTuh+yQ9imEq+PfmRc wMixilGmpLTYsDi3JL+0pCC1wsBYr7gyNxEYT8l6yfm5mxiBMXWD6/DnHYy/9zgeYhTgYFTi 4d1m1hkqxJpYBlR5iFEFaNyjDasvMEqx5OXnpSqJ8P52AErzpiRWVqUW5ccXleakFh9ilOZg URLn7VjUHCokkJ5YkpqdmlqQWgSTZeLglGpgjK+r6CmPf/XxQFSi5QuLl69U34s9O/t8kYKv 5NuGKjljfTsJg6Vbay6cubZ487tJ86eUWB7QPjDr1cUPZne1fjmtbn9l9vLgjkfir/k4i34V vRQMXhRUc0N81bdQ4eUbphr/n+/Dq+V4SfizTK6ze1Zhyi+eCTP/PKpIMWpXVzqw4qAu58mv T5VYijMSDbWYi4oTAXdjxcOxAgAA
Archived-At: <>
Subject: Re: [TLS] Strawman on EdDSA/Ed25519 in TLS
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 23 Jun 2015 11:42:09 -0000

Symantec owns Thawte which owns 1.3.101. We're happy to donate a reasonable
number of OIDs under this arc for your purposes. Please let me know if you'd
like to take us up on the offer. Thanks to Rob Stradling for bringing this
to my attention.


-----Original Message-----
Date: Thu, 21 May 2015 19:42:53 -0700
From: Peter Bowen <>
To: Nico Williams <>
Cc: Simon Josefsson <>, ""
Subject: Re: [TLS] Strawman on EdDSA/Ed25519 in TLS
Content-Type: text/plain; charset=UTF-8

On Wed, May 20, 2015 at 12:07 PM, Nico Williams <>
> On Wed, May 20, 2015 at 07:14:47PM +0200, Simon Josefsson wrote:
>> Support for EdDSA/Ed25519 in TLS has been suggested a couple of times.
> I'm in favor.
>> One aspect I'm aware of is that there is no OID allocated nor 
>> specification of PKIX certificates with EdDSA/Ed25519 public keys.  
>> I'm not sure the above document is the right place for doing that 
>> though, and more thinking around this topic is especially appreciated.
> It's an OID.  You can get your own OID arc and then allocate an OID.
> Is it important to separate the addition of a PKIX algorithm OID from 
> the TLS bits?  Well, it is neater that way.

I'll donate a short OID to the cause if that will help move things forward.
We have the 1.3.187 arc which is only three bytes DER.  If someone has a
smaller arc (third node would be 127 or lower) and would offer an OID from
their arc we can shave off another couple of bytes.