[TLS] Correction: early codepoint assignment for Curve25519, Curve448, Ed25519 and Ed448

Joe Salowey <jsalowey@tableau.com> Tue, 12 January 2016 16:03 UTC

Return-Path: <jsalowey@tableau.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D7E41B2AEF for <tls@ietfa.amsl.com>; Tue, 12 Jan 2016 08:03:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.091
X-Spam-Level:
X-Spam-Status: No, score=-4.091 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1jxCqIobvTKn for <tls@ietfa.amsl.com>; Tue, 12 Jan 2016 08:03:29 -0800 (PST)
Received: from us-smtp-delivery-180.mimecast.com (us-smtp-delivery-180.mimecast.com [63.128.21.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 236611B2AD9 for <tls@ietf.org>; Tue, 12 Jan 2016 08:03:28 -0800 (PST)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2lp0235.outbound.protection.outlook.com [207.46.163.235]) (Using TLS) by us-smtp-1.mimecast.com with ESMTP id us-mta-14-T6hb9h1TRTaWTDFvBN9uUA-1; Tue, 12 Jan 2016 11:03:17 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tableau.onmicrosoft.com; s=selector1-tableau-com; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=b5ZRZya/4SMe0eU6SmiI4SwnIMFzuJPe+ubyZuOKNws=; b=fqthjJADOYoEF8rubgWp4g2qa6Igbqq0subqUom9ethx+7grJ7mJm/RCxpEdgIeOtSwdECXxYpqfoe1/HbfmEGUXIKZPZmPQ8WOvY59CHiiQsHCrAVbVCJcFI50qDVGEvup0jTM96rjTpFb4iq7TAnT/0oEoT1uTE1Fn/QftKoM=
Received: from BL2PR03MB148.namprd03.prod.outlook.com (10.255.230.27) by BL2PR03MB146.namprd03.prod.outlook.com (10.255.230.18) with Microsoft SMTP Server (TLS) id 15.1.365.19; Tue, 12 Jan 2016 16:03:13 +0000
Received: from BL2PR03MB148.namprd03.prod.outlook.com ([169.254.9.10]) by BL2PR03MB148.namprd03.prod.outlook.com ([169.254.9.10]) with mapi id 15.01.0365.023; Tue, 12 Jan 2016 16:03:13 +0000
From: Joe Salowey <jsalowey@tableau.com>
To: Simon Josefsson <simon@josefsson.org>, Adam Langley <agl@imperialviolet.org>
Thread-Topic: [TLS] Correction: early codepoint assignment for Curve25519, Curve448, Ed25519 and Ed448
Thread-Index: AQHRTVK9GYK+c24UM0+pEDGJ49lIww==
Date: Tue, 12 Jan 2016 16:03:13 +0000
Message-ID: <39175FA5-0D33-43FC-B315-372A0C62B08C@tableau.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/0.0.0.151217
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [67.168.161.122]
x-ms-office365-filtering-correlation-id: 6bc3deb6-e7a8-42f1-8ece-08d31b69e016
x-microsoft-exchange-diagnostics: 1; BL2PR03MB146; 5:c90rCDuthtrtw7m+/L8VzlWLEmUm68sMUWbeSRZUx79EhUopHdwIFdcBk1NMPMWJ45wN8wUhSKB9HJZ03NYQ4pW75zCnq23M2r0N14qB0r4ScVIjyLUSLuRfdZe1PIzQmJWTaOOmLhmxXDi7BewnJw==; 24:8Oh0GM03ZjFZ6gNURj/lKni7s/x8dIO1OjyMg+uHzSGR5KH3razhPBYJaI9cuor7ZLqG5CNKmNkFKzCYTWYeTMjG2IWbiOcIVc48iuIM/wE=; 20:IqIFj/krD154Ii0H/MkcxKoN4LSURFle2op6NQ5nZThH6b5D7tXd7DM6LCl6B7m8PsTZ0gA9VkNXZdhCtHmFKxVnPOh74qn2t8jyfjrfHMoIK0xmi8kXirFHDZqfcd8ADyPSwMYNq/SNAx/CiqUgxYJq7dOfOqagU49hBKmijNI=
x-exchange-antispam-report-test: UriScan:; BCL:0; PCL:0; RULEID:; SRVR:BL2PR03MB146; UriScan:;
x-microsoft-antispam-prvs: <BL2PR03MB146575279489623A7E21441CFCA0@BL2PR03MB146.namprd03.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(5005006)(520078)(8121501046)(3002001)(10201501046); SRVR:BL2PR03MB146; BCL:0; PCL:0; RULEID:; SRVR:BL2PR03MB146;
x-forefront-prvs: 081904387B
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(51914003)(51444003)(164054003)(377454003)(479174004)(24454002)(189002)(199003)(97736004)(86362001)(4001350100001)(81156007)(5001960100002)(5001770100001)(189998001)(83716003)(66066001)(82746002)(83506001)(50986999)(54356999)(87936001)(102836003)(2900100001)(11100500001)(106356001)(6116002)(106116001)(586003)(5004730100002)(105586002)(15975445007)(92566002)(5002640100001)(229853001)(2906002)(40100003)(122556002)(10400500002)(36756003)(33656002)(19580405001)(19580395003)(5008740100001)(99286002)(1220700001)(1096002)(101416001)(4326007)(3846002)(104396002); DIR:OUT; SFP:1102; SCL:1; SRVR:BL2PR03MB146; H:BL2PR03MB148.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-ID: <A9F1BC5BBCBE4044B23E5782A35EE2F2@namprd03.prod.outlook.com>
MIME-Version: 1.0
X-OriginatorOrg: tableau.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Jan 2016 16:03:13.0562 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5067385a-c584-42cc-8679-3fa2879f99be
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL2PR03MB146
X-MC-Unique: T6hb9h1TRTaWTDFvBN9uUA-1
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: base64
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/fw__llgWI6GboYo62qBYZ4Bv4Ho>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: [TLS] Correction: early codepoint assignment for Curve25519, Curve448, Ed25519 and Ed448
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Jan 2016 16:03:39 -0000

Whoops, thanks for the correction.  It should be the code point assignment in draft-ietf-tls-rfc4492bis-05 for Curve25519, Curve448, Ed25519 and Ed448. 

Thanks,

Joe





On 1/12/16, 6:24 AM, "Simon Josefsson" <simon@josefsson.org>; wrote:

>Adam Langley <agl@imperialviolet.org>; writes:
>
>> Curve25519, as the name suggests, operates on 255-bit numbers. When
>> encoded as bytes, there's obviously a 256th bit that needs to be
>> specified.
>>
>> Curve25519 implementations didn't set the bit but did used to vary on
>> how they parsed it. Some would take a 256-bit number and reduce it
>> while others would ignore the bit completely.
>>
>> However, I believe that implementations have converged on ignoring it.
>> That behaviour is specified in draft-irtf-cfrg-curves and tested via
>> the test vectors.
>>
>> Currently https://tools.ietf.org/html/draft-ietf-tls-curve25519-01#section-2.3
>> says that implementations SHOULD reject inputs with the high-bit set.
>> I think that should be dropped. The X25519 function is specified in
>> terms of bytes in draft-irtf-cfrg-curves and I think the TLS spec
>> should just use that draft.
>
>I agree.
>
>/Simon