RE: Web Crypto API - about named curve addition

Hello Virginie,

I will commit to providing text for at least the MSR curves, but we (Microsoft) disagree with your suggestion that the bug be resolved via extension specifications.  Our consensus opinion is that it would be much better if we try to resolve this bug with changes to the main text.  As has been pointed out previously, the current text in the draft implies that in order to implement ECDSA and ECDH, one must implement all of the NIST Prime curves, and the text in sections 18.8 and 18.9 must be modified to permit anything other than the NIST curves to be used.  So main text edits are required to resolve this bug in any way other than "won't fix".

Given all algorithms are optional, we think that we should put all of these non-NIST curves into the main text and then choose one of the two following positions:


1)      All curves are optional to implement, including the NIST curves

2)      NIST P-256 and NIST P-384 are mandatory-to-implement if you implement ECDSA and/or ECDH, and everything else is optional.  (I would not argue for P-521 to be mandatory as it's just not used in practice anywhere.)

If we following this procedure, then additional curves may be added to the list of named curves and we will just have to change the NIST curve-only text.  We can add Curve25519, the MSR curves and even the Brainpool curves (as I pointed out in my original bug comment) as a group to accommodate the various requests that have been received.  We think that's the best way forward.

Assuming you agree with this revised proposal, I'll commit to being point person for the MSR curves and collaborating with Matt and Henri on a combined set of edits to permit non-NIST curves to be used in Web Crypto.

Thanks,

--bal


From: GALINDO Virginie [mailto:Virginie.Galindo@gemalto.com]
Sent: Wednesday, June 25, 2014 1:59 PM
To: Henri Sivonen; hi@okturtles.com; Brian LaMacchia
Cc: public-webcrypto@w3.org; w3@bluematt.me
Subject: Web Crypto API - about named curve addition

Dear Henri, Greg, Brian,

Thanks for reviewing this recent comment in Web Crypto API bugzilla https://www.w3.org/Bugs/Public/show_bug.cgi?id=25839#c39
This is the proposal from the chair to resolve that bug, and it implies some quick actions on your side.

Regards,
Virginie
________________________________
This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.

Received on Wednesday, 25 June 2014 21:27:03 UTC