- From: <bugzilla@jessica.w3.org>
- Date: Wed, 23 Jul 2014 23:12:55 +0000
- To: public-webcrypto@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25839 --- Comment #46 from Trevor Perrin <webcrypto@trevp.net> --- (In reply to Ryan Sleevi from comment #45) > (In reply to webcrypto from comment #44) > > Hi, > > > > Has this issue reached resolution? > > While I realize it's a lot to read, no, there is no resolution on this, > because there's a number of outstanding issues: > > - Suitable normative reference (TLS is still debating this) > - Suitable key format reference (TLS is still debating this) Is Dan Bernstein's paper from PKC 2006 not a sufficient reference? It's available at stable URLs in a couple places, contains a detailed algorithm description, and is widely cited as "the" curve25519 paper: http://cr.yp.to/ecdh/curve25519-20060209.pdf http://www.iacr.org/cryptodb/archive/2006/PKC/3351/3351.pdf There are multiple independent implementations. I've never heard of interop problems. > - Suitable proposal (in a separate spec) by someone motivated for support > for this > - Which also makes sure to update ECDH / ECDSA descriptions to be explicit > about what Curve25519 is and is not suitable for Has no-one provided these? I'd be happy to do so, though it might take a few weeks, and I believe you're on a tight schedule? Whether this makes sense in the core document or a separate one I don't know. But if there are issues with including Curve25519 in WebCrypto's notion of a "curve", as some comments in this bug imply, it may be worth working this out before the core documents issue, in case this reflects limitations of WebCrypto. Trevor -- You are receiving this mail because: You are on the CC list for the bug.
Received on Wednesday, 23 July 2014 23:12:57 UTC