Return-Path: X-Original-To: tls@ietfa.amsl.com Delivered-To: tls@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EDC551B367A; Wed, 23 Sep 2015 20:23:49 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.902 X-Spam-Level: X-Spam-Status: No, score=-0.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_AU=0.377, HOST_EQ_AU=0.327, RCVD_IN_DNSWL_LOW=-0.7, RELAY_IS_203=0.994] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MXv4JGBzxwW6; Wed, 23 Sep 2015 20:23:48 -0700 (PDT) Received: from ipxcvo.tcif.telstra.com.au (ipxcvo.tcif.telstra.com.au [203.35.135.208]) by ietfa.amsl.com (Postfix) with ESMTP id C72511B3679; Wed, 23 Sep 2015 20:23:47 -0700 (PDT) X-IronPort-AV: E=Sophos;i="5.17,579,1437400800"; d="scan'208";a="119105769" Received: from unknown (HELO ipcdvi.tcif.telstra.com.au) ([10.97.217.212]) by ipocvi.tcif.telstra.com.au with ESMTP; 24 Sep 2015 13:23:46 +1000 X-IronPort-AV: E=McAfee;i="5700,7163,7933"; a="25869545" Received: from wsmsg3754.srv.dir.telstra.com ([172.49.40.198]) by ipcdvi.tcif.telstra.com.au with ESMTP; 24 Sep 2015 13:23:46 +1000 Received: from WSMSG3153V.srv.dir.telstra.com ([172.49.40.159]) by WSMSG3754.srv.dir.telstra.com ([172.49.40.198]) with mapi; Thu, 24 Sep 2015 13:23:46 +1000 From: "Manger, James" To: Simon Josefsson , "pkix@ietf.org" , "tls@ietf.org" Date: Thu, 24 Sep 2015 13:23:45 +1000 Thread-Topic: [pkix] Updated EdDSA/Ed25519 PKIX document Thread-Index: AdD12pVU/mpM/hKjSpWqsOnwHJSkkQAm4V3A Message-ID: <255B9BB34FB7D647A506DC292726F6E13BAE1499A2@WSMSG3153V.srv.dir.telstra.com> References: <878u7xtu06.fsf@latte.josefsson.org> In-Reply-To: <878u7xtu06.fsf@latte.josefsson.org> Accept-Language: en-US, en-AU Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US, en-AU Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Archived-At: Subject: Re: [TLS] [pkix] Updated EdDSA/Ed25519 PKIX document X-BeenThere: tls@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Sep 2015 03:23:50 -0000 Hi Simon, two technical typos: The example cert in 8.2 has the wrong OID for the signature. Cert has { 1 3 101 100 1 } [encoding 06 04 2B656401] Text has { 1 3 101 101 } [encoding 06 03 2B6565] for id-EdDSASignature OIDs use space-separated (not dot-separated) numbers in ASN.1. Section 4: Wrong { 1.3.101.100 } Right { 1 3 101 100 } Section 7 Wrong { 1.3.101.101 } Right { 1 3 101 101 } The cert's notBefore field is a UTCTime value (2-digit year), while the not= After field is a GeneralizedTime value (4-digit year). I don't think I has = seen that before, but it is valid. -- James Manger -----Original Message----- From: pkix [mailto:pkix-bounces@ietf.org] On Behalf Of Simon Josefsson Sent: Wednesday, 23 September 2015 6:33 PM To: pkix@ietf.org; tls@ietf.org Subject: [pkix] Updated EdDSA/Ed25519 PKIX document Hi all, I have pushed out a new version of the document describing EdDSA public key= s, signatures and certificates for PKIX. The change in -03 include the add= ition of the prehash mode, test vectors generated by GnuTLS, and a section = recommending certain human readable names. https://tools.ietf.org/html/draft-josefsson-pkix-eddsa-03 I've started a thread to discuss whether it is wortwhile to be able to use = the same Ed25519 key for both PureEdDSA mode and HashEdDSA signing, and I'd= appreciate feedback on whether people are interested in this and generally= if it is a good idea or not. The complexity involved make me shy away a b= it from it, but it is fun to consider. The thread is here: https://moderncrypto.org/mail-archive/curves/2015/000630.html /Simon