Re: [TLS] sect571r1

Benjamin Beurdouche <benjamin.beurdouche@inria.fr> Wed, 15 July 2015 18:19 UTC

Return-Path: <benjamin.beurdouche@inria.fr>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 374F21AD06A for <tls@ietfa.amsl.com>; Wed, 15 Jul 2015 11:19:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.56
X-Spam-Level:
X-Spam-Status: No, score=-6.56 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_FR=0.35, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cMySRnFbGpG5 for <tls@ietfa.amsl.com>; Wed, 15 Jul 2015 11:19:41 -0700 (PDT)
Received: from mail3-relais-sop.national.inria.fr (mail3-relais-sop.national.inria.fr [192.134.164.104]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1FAD51B336E for <tls@ietf.org>; Wed, 15 Jul 2015 11:19:40 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.15,481,1432591200"; d="scan'208";a="140143954"
Received: from ra178-1-88-163-20-214.fbx.proxad.net (HELO [192.168.0.24]) ([88.163.20.214]) by mail3-relais-sop.national.inria.fr with ESMTP/TLS/DHE-RSA-AES256-SHA; 15 Jul 2015 20:19:39 +0200
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2102\))
From: Benjamin Beurdouche <benjamin.beurdouche@inria.fr>
In-Reply-To: <201507151413.22408.davemgarrett@gmail.com>
Date: Wed, 15 Jul 2015 20:19:38 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <0C91711E-9B11-44DC-8CF0-C17FB231B51F@inria.fr>
References: <201507151413.22408.davemgarrett@gmail.com>
To: Dave Garrett <davemgarrett@gmail.com>
X-Mailer: Apple Mail (2.2102)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/sto41LVfpU28MyLMOlbcuwvNN4w>
Cc: ML IETF TLS <tls@ietf.org>
Subject: Re: [TLS] sect571r1
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jul 2015 18:19:43 -0000

Hey,

Except if someone has a real need for it,
I would favour removing p571 and keep secp521r1 as the maximum …

Cheers,
B.


> On 15 Jul 2015, at 20:13, Dave Garrett <davemgarrett@gmail.com> wrote:
> 
> In PR 188 for TLS 1.3, I pruned down the allowed elliptic curves to just the ones actually used. (per Sean's recommendation) One point of discussion between Eric and myself: sect571r1. I'm in favor of keeping it, but not very strongly. Eric suggested removing it. It does get some use, though quite a bit less than the others.
> 
> The main reason I think this warrants discussion is that dropping it would drop the maximum bits here, which whilst obviously not the only factor to take into account, will possibly not be desired by some. The main arguments for ditching is probably that it might not be safely implemented and nobody actually needs something this big.
> 
> So, should it stay or should it go now? Opinions?
> 
> 
> Dave
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls