[Bug 25839] Curve25519 Named Curve from bugzilla@jessica.w3.org on 2014-06-19 (public-webcrypto@w3.org from June 2014)

From: <bugzilla@jessica.w3.org>
Date: Thu, 19 Jun 2014 15:22:42 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-25839-7213-D9cOXEvnnW@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25839

--- Comment #35 from Harry Halpin <hhalpin@w3.org> ---
(In reply to Greg Slepak from comment #29)
> (In reply to Ryan Sleevi from comment #26)
> > (In reply to Harry Halpin from comment #24)
> > >  [snip]
> > > In order to be fair, I suggest that Matt, Greg, or other people that want
> > > this curve please provide sample text that fulfills this:
> > > 
> > > http://www.w3.org/TR/2014/WD-WebCryptoAPI-20140325/#defining-an-algorithm
> > >  [snip]
> > Harry,
> > 
> > None of what you said conflicts with what I've said, except in on key,
> > critical point.
> > 
> > This document is in the process of being finished. We have had a WGLC. We
> > should NOT be adding to it at this time, especially without strong support
> > from implementers AS WELL AS users.
> > 
> > Nothing prevents Curve25519 from being pursued as a separate document. We
> > have made the same comments regarding other algorithms - SEED and GOST. The
> > WG can then review such a document and decide whether or not to adopt it as
> > REC track, and let that proceed through.
> > 
> > Continuing to argue for its inclusion in the spec only delays CR - after
> > all, a significant change like adding Curve25519 (which again, despite there
> > being implementations, lacks a good spec). Please note that Curve25519 is
> > itself a curve that is NOT compatible with ECDSA NOR is negotiation the same
> > as with ECDH (thus making it 'useless' from the perspective of the two APIs
> > that *take* NamedCurve parameters).
> > 
> > These are all reasons why it's best addressed as a separate spec, that
> > focuses just on the operations usable with it, and working through naming
> > issues (eg: Do you use Ed25519 with ECDSA? Do you call the sign/verify some
> > other thing?) is fruitful. But not today. Certainly not 8+ weeks ago when we
> > went for WGLC.
> 
> OK, thank you Harry and Ryan for your comments about this.
> 
> Harry: thanks for the suggestion and the link. I will not be able to do this,
> but maybe Matt (or someone else) could?

@Matt - can you specify the algorithm given the format in the link? 

i.e. 
http://www.w3.org/TR/2014/WD-WebCryptoAPI-20140325/#defining-an-algorithm

If needed, you may wish to pursue a separate document for the reasons noted by
Ryan. If you have any questions, just ask.

Until we get a very clear proposal in terms of textual changes (either as
changes to the existing spec or as a new document), it will be hard to close
this bug fairly. 

Ryan is obviously busy with many other bugs, so I think it's very fair to ask
the developers who need this to define it.

> 
> Ryan: What do you mean by separate spec? I've asked you this before but you
> did not reply. A separate version of this spec, or a completely different
> spec called "WebCryptoAPI (Secure Curve Version)"?
> 
> Also, what do you mean by "delays CR" (what is CR)? And regardless of
> whatever
> CR means, why are you more concerned with delays than you are with the
> security
> of the curves in the spec?

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Thursday, 19 June 2014 15:22:44 UTC