W3C home > Mailing lists > Public > public-webcrypto@w3.org > May 2014

[Bug 25839] Curve25519 Named Curve

From: <bugzilla@jessica.w3.org>
Date: Sat, 24 May 2014 17:44:20 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-25839-7213-WoSlyEHuXp@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25839

Greg <hi@okturtles.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |hi@okturtles.com

--- Comment #7 from Greg <hi@okturtles.com> ---
As Matt pointed out in in Comment 0, there exists already large implementation
support for Curve25519: http://ianix.com/pub/curve25519-deployment.html

Given the curve's favorable performance and security features [1], it seems
like it should be added purely on technical merit.

If the argument against its addition to the dictionary is that support for it
doesn't exist in "NSS, CommonCrypto, and CNG", then we should ask *why* isn't
it supported in those libraries, and how difficult would it be to add support?

Given that many liberally licensed implementations of Curve25519 already exist
(like libsodium [2]), I'm fairly certain the answer is: it is not at all
difficult for these libraries to add support for it, and if they choose not to,
it's likely for political reasons, not technical ones.

[1] http://cr.yp.to/ecdh/curve25519-20060209.pdf

[2] https://github.com/jedisct1/libsodium

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Saturday, 24 May 2014 17:44:22 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:17:22 UTC