[Bug 25839] Curve25519 Named Curve from bugzilla@jessica.w3.org on 2014-06-19 (public-webcrypto@w3.org from June 2014)

From: <bugzilla@jessica.w3.org>
Date: Thu, 19 Jun 2014 18:35:01 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-25839-7213-4j550l5s5u@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25839

--- Comment #36 from Brian LaMacchia <bal@microsoft.com> ---
(In reply to Harry Halpin from comment #35)
> (In reply to Greg Slepak from comment #29)
> > (In reply to Ryan Sleevi from comment #26)
> > > (In reply to Harry Halpin from comment #24)
> > > >  [snip]
> > > > In order to be fair, I suggest that Matt, Greg, or other people that want
> > > > this curve please provide sample text that fulfills this:
> > > > 
> > > > http://www.w3.org/TR/2014/WD-WebCryptoAPI-20140325/#defining-an-algorithm
> > > >  [snip]
> > > Harry,
> > > 
> > > None of what you said conflicts with what I've said, except in on key,
> > > critical point.
> > > 
> > > This document is in the process of being finished. We have had a WGLC. We
> > > should NOT be adding to it at this time, especially without strong support
> > > from implementers AS WELL AS users.
> > > 
> > > Nothing prevents Curve25519 from being pursued as a separate document. We
> > > have made the same comments regarding other algorithms - SEED and GOST. The
> > > WG can then review such a document and decide whether or not to adopt it as
> > > REC track, and let that proceed through.
> > > 
> > > Continuing to argue for its inclusion in the spec only delays CR - after
> > > all, a significant change like adding Curve25519 (which again, despite there
> > > being implementations, lacks a good spec). Please note that Curve25519 is
> > > itself a curve that is NOT compatible with ECDSA NOR is negotiation the same
> > > as with ECDH (thus making it 'useless' from the perspective of the two APIs
> > > that *take* NamedCurve parameters).
> > > 
> > > These are all reasons why it's best addressed as a separate spec, that
> > > focuses just on the operations usable with it, and working through naming
> > > issues (eg: Do you use Ed25519 with ECDSA? Do you call the sign/verify some
> > > other thing?) is fruitful. But not today. Certainly not 8+ weeks ago when we
> > > went for WGLC.
> > 
> > OK, thank you Harry and Ryan for your comments about this.
> > 
> > Harry: thanks for the suggestion and the link. I will not be able to do this,
> > but maybe Matt (or someone else) could?
> 
> @Matt - can you specify the algorithm given the format in the link? 
> 
> i.e. 
> http://www.w3.org/TR/2014/WD-WebCryptoAPI-20140325/#defining-an-algorithm
> 
> If needed, you may wish to pursue a separate document for the reasons noted
> by Ryan. If you have any questions, just ask.
> 
> Until we get a very clear proposal in terms of textual changes (either as
> changes to the existing spec or as a new document), it will be hard to close
> this bug fairly. 
> 
> Ryan is obviously busy with many other bugs, so I think it's very fair to
> ask the developers who need this to define it.
> 

Harry,

I (and others here at MSR) would be happy to supply the relevant text for the
MSR curves (we've started calling them the NUMS curves, short for "nothing up
my sleeves").  Would you prefer raw text or diffs on the existing
Overview-WebCryptoAPI.xml file?

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Thursday, 19 June 2014 18:35:03 UTC