[Bug 25839] Curve25519 Named Curve


--- Comment #3 from Ryan Sleevi <sleevi@google.com> ---
(In reply to Matt Corallo from comment #2)
> Feature at risk seems reasonable, however I think the (apparent) demand for
> curve25519 would merit placing it in the spec. Also, there are a number of
> inter-operable implementations of curve25519, even if not in NSS/etc.

Please note: Placing it in the spec is not any indication that it is or will be
supported. As noted, none of these algorithms are mandatory to implement, for a
variety of reasons that include both legal and political concerns.

Even the existing (specified) algorithms are features at risk - a lack of
inter-operable implementations, or any implementation itself, is sufficient to
result in it being removed from any final REC document.

I merely note this to set your expectation - the appearance of curve25519 would
1) Be no means an endorsement of the Web Cryptography WG that it is a good
2) Be no means an endorsement of the Web Cryptography WG that UAs SHOULD
3) Have a higher chance than normal of being removed from the specification in
a few months, due to lack of implementation.

As such, specifying it now would likely do a greater disservice to developers
than you intend, but it's certainly something we can discuss.

You are receiving this mail because:
You are on the CC list for the bug.

Received on Wednesday, 21 May 2014 01:12:01 UTC