Re: [TLS] Updated EdDSA in TLS drafts

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 08 June 2015 10:16 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CC251A0021 for <tls@ietfa.amsl.com>; Mon, 8 Jun 2015 03:16:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.51
X-Spam-Level:
X-Spam-Status: No, score=-1.51 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FokEki2WRR-g for <tls@ietfa.amsl.com>; Mon, 8 Jun 2015 03:16:27 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 665661A0019 for <tls@ietf.org>; Mon, 8 Jun 2015 03:16:27 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 98610BE5D; Mon, 8 Jun 2015 11:16:24 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t9Ue7qCP55F9; Mon, 8 Jun 2015 11:16:23 +0100 (IST)
Received: from [10.87.48.73] (unknown [86.46.23.15]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 7A76DBE53; Mon, 8 Jun 2015 11:16:23 +0100 (IST)
Message-ID: <55756B76.4070103@cs.tcd.ie>
Date: Mon, 08 Jun 2015 11:16:22 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: Simon Josefsson <simon@josefsson.org>, tls@ietf.org
References: <87zj4ah6i0.fsf@latte.josefsson.org>
In-Reply-To: <87zj4ah6i0.fsf@latte.josefsson.org>
OpenPGP: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="cAkMttXvRBvsgQ8vJ34EjMUCtivv0eIcv"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/inACULJs-glj9-zk90LCOefNrJ4>
Subject: Re: [TLS] Updated EdDSA in TLS drafts
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jun 2015 10:16:29 -0000

Hiya,

On 08/06/15 10:52, Simon Josefsson wrote:
> More feedback is appreciated!

My v. high level feedback is that we really don't want
to get too far ahead of cfrg here. They've not yet got
all details of their preferred signature scheme using
that curve defined and it'd be really dumb for any IETF
WG to get ahead of that by accident.

So while working on this draft is a fine thing, I don't
think we want to get to IETF LC for things like this until
after cfrg have figured out their preferred signature
scheme. (And the cfrg chairs tell me that ought be done
soon - in a few months.)

Note that waiting until the cfrg position is clear
does not mean that the IETF has to mindlessly adopt what
cfrg have done, but we won't want to ignore their work
either. And fwiw, I guess I'd take the same position for
any work item for almost any new ECC work for the moment.
Since cfrg are nearly done and seem to be making progress
now, pre-empting their decisions wouldn't be a good plan.

Cheers,
S.