- From: <bugzilla@jessica.w3.org>
- Date: Sat, 24 May 2014 18:07:47 +0000
- To: public-webcrypto@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25839

--- Comment #8 from Ryan Sleevi <sleevi@google.com> ---

(In reply to Greg Slepak from comment #7)

> As Matt pointed out in Comment 0, there exists already large
> implementation support for Curve25519:
> http://ianix.com/pub/curve25519-deployment.html

I'm aware, but that's never been the consideration criteria. It's about what is available to User Agents. The WG was chartered with the premise of leveraging the *existing* cryptographic capabilities in User Agents today - due to their TLS implementations - before beginning efforts to add whatever algorithm is in vogue at the time.

> Given the curve's favorable performance and security features [1], it seems
> like it should be added purely on technical merit.
>
> If the argument against its addition to the dictionary is that support for
> it doesn't exist in "NSS, CommonCrypto, and CNG", then we should ask *why*
> isn't it supported in those libraries, and how difficult would it be to add
> support?

And that's not a question for this WG. The fact remains that the support is not present in UAs.

> Given that many liberally licensed implementations of Curve25519 already
> exist (like libsodium [2]), I'm fairly certain the answer is: it is not at
> all difficult for these libraries to add support for it, and if they choose
> not to, it's likely for political reasons, not technical ones.
>
> [1] http://cr.yp.to/ecdh/curve25519-20060209.pdf
> [2] https://github.com/jedisct1/libsodium

Yes, there is more than technical discussion here (although Curve25519 remains a highly charged technical discussion). The political issues are very much applicable for User Agents, particularly those that need to be available to users in a variety of countries and purposes. While you can disagree with these, they are real issues that User Agent vendors have to deal with. Things like export controls and FIPS 140-2 remain issues for UAs and UA vendors.
Still, a reasonable path forward is to provide separate curves in a separate specification, which can then look at adding things like Curve25519, Poly1305, Salsa 20, or the BADA55 curves.
Received on Saturday, 24 May 2014 18:07:49 UTC