- From: <bugzilla@jessica.w3.org>
- Date: Wed, 21 May 2014 19:26:27 +0000
- To: public-webcrypto@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25839 --- Comment #6 from Ryan Sleevi <sleevi@google.com> --- (In reply to Brian LaMacchia from comment #5) > I would object to adding only Curve25519 to the list of named curves if > we're going to open up the NamedCurve list to curves beyond the NIST prime > curves. MSR recently published a paper [1] defining new Weierstrass curves > that are faster than the corresponding NIST curves at the same security > level and meet all the requirements of the SafeCurves project. The > Brainpool curves (which already have an IETF RFC) are also popular in > non-NIST circles. So, at a minimum, if we open up the NamedCurve to add > Curve25519 then we should also add the Brainpool curves and the MSR curves. > > [1] http://eprint.iacr.org/2014/130 The NamedCurve list has always been open. These would have all the same issues as I described in Comment 1 - that is, a requirement to have multi-vendor support (which even the Brainpool curves do not). As such, their addition is highly likely to be short-lived. An alternative is to separately spec, as described in Bug 25618, exactly what these curves are and how they behave, the operations they're valid for, etc. -- You are receiving this mail because: You are on the CC list for the bug.
Received on Wednesday, 21 May 2014 19:26:30 UTC