Re: [W3C Web Crypto WG] Call for Consensus on moving curve 25519 to a W3C Working Draft

+1 to the WG taking on a document to describe Curve25519, as there is zero
commitment for the WG to ship or implement or agree to even send the draft
forward in the process.
-1 to Harry's reasoning and explanation, which I do not think is either
necessary nor, given the many discussions had in the past, consistent with
the messaging that either he or our Chair have provided people regarding
curve extensibility, especially the comment "moving the whole spec back to
Last Call"
-1 because I agree with Richard that there is no sense rushing a draft out,
especially if the CFRG makes any changes to Curve25519 (or NUMS) for
suitability for TLS.

So, overall, -1

On Thu, Nov 20, 2014 at 2:22 PM, Harry Halpin <hhalpin@w3.org> wrote:

>
>
> On 11/20/2014 11:18 PM, Richard Barnes wrote:
> > On Thu, Nov 20, 2014 at 5:13 PM, Harry Halpin <hhalpin@w3.org> wrote:
> >
> >>
> >>
> >> On 11/20/2014 11:08 PM, Richard Barnes wrote:
> >>> -1
> >>>
> >>> I thought we had agreed to take no action on new curves until the CFRG
> /
> >>> TLSWG process concluded.  AFAICT, it has not.
> >>
> >> My understanding that Curve 25519 would a test of how we could add new
> >> algorithms by sending them through the WG independently of CFRG.
> >>
> >> If CFRG choses a curve, then I thought the WG agreed we would try to
> >> include it.
> >>
> >> Thus, they are separable. However, in the case that CFRG does indeed
> >> chose Curve 25519 (CFRG discussion is rumoured to be ending in early
> >> Dec.) then we'll obviously not have this problem.
> >>
> >
> > I don't see why we would use a curve other than the one(s) chosen by CFRG
> > for this experiment.  We're just talking about a few more weeks.
>
> The reason is so we can show we have adequately responded when we
> transition to CR to the numerous complaints over curves - and thus that
> our extensibility and errata-based mechanism can do the heavy-lifting.
>
> However, we can write in the bugzilla that we will revisit when/if CFRG
> choses a curve. However, I see no harm and quite a bit of good in taking
> Curve 25519 forward as Working Draft and it does show serious commitment
> from the WG to the issue.
>
> If CFRG choses another curve, that curve can also be included by either
> a similar mechanism or moving the whole spec back to Last Call.
>
>
> >
> > --Richard
> >
> >
> >
> >
> >
> >>
> >>    cheers,
> >>        harry
> >>
> >>>
> >>> On Thu, Nov 20, 2014 at 12:46 PM, GALINDO Virginie <
> >>> Virginie.Galindo@gemalto.com> wrote:
> >>>
> >>>>  Dear all,
> >>>>
> >>>>
> >>>>
> >>>> This is a call for consensus directed to WG participants to have the
> >> curve
> >>>> 25519 draft provided by Trevor Perrin [1] to become a W3C Working
> >> Draft, in
> >>>> the Web Crypto WG.
> >>>>
> >>>> That draft has been discussed with WG members during an informal call
> on
> >>>> the 18th of August [2]. We decided not to make decision to endorse
> curve
> >>>> 25519 in the web crypto API, but rather see it as a candidate for our
> >>>> extension/errata process.
> >>>>
> >>>>
> >>>>
> >>>> Please answer to this call for consensus before the 5th of December
> >> 23:59
> >>>> UTC :
> >>>>
> >>>> -          Indicate in a reply mail (+1) if you agree
> >>>>
> >>>> -          Indicate in a reply mail (-1) if you object
> >>>>
> >>>>
> >>>>
> >>>> While explicit consent is preferable, silence means endorsement (+1)
> of
> >>>> this decision to have this draft becoming a W3C Working Draft.
> >>>>
> >>>>
> >>>>
> >>>> Regards,
> >>>>
> >>>> Virginie
> >>>>
> >>>> Chair of  Web Crypto WG
> >>>>
> >>>>
> >>>>
> >>>> [1]
> >>>>
> >>
> http://htmlpreview.github.io/?https://github.com/trevp/curve25519_webcrypto/blob/master/Curve25519_WebCrypto.html
> >>>>
> >>>> [2] http://www.w3.org/2014/08/18-crypto-minutes.html
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>  ------------------------------
> >>>> This message and any attachments are intended solely for the
> addressees
> >>>> and may contain confidential information. Any unauthorized use or
> >>>> disclosure, either whole or partial, is prohibited.
> >>>> E-mails are susceptible to alteration. Our company shall not be liable
> >> for
> >>>> the message if altered, changed or falsified. If you are not the
> >> intended
> >>>> recipient of this message, please delete it and notify the sender.
> >>>> Although all reasonable efforts have been made to keep this
> transmission
> >>>> free from viruses, the sender will not be liable for damages caused
> by a
> >>>> transmitted virus.
> >>>>
> >>>
> >>
> >
>
>

Received on Thursday, 20 November 2014 23:54:59 UTC