- From: Harry Halpin <hhalpin@w3.org>
- Date: Thu, 12 Mar 2015 00:16:31 +0100
- To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
-------- Forwarded Message -------- Subject: New Liaison Statement, "Additional Curves" Date: Wed, 11 Mar 2015 14:10:02 -0700 From: Liaison Statement Management Tool <lsmt@ietf.org> To: hhalpin@w3.org Title: Additional Curves Submission Date: 2015-03-11 URL of the IETF Web page: http://datatracker.ietf.org/liaison/1383/ From: Security Area (Mark Nottingham <mnot@mnot.net>) Body: To whom it may concern, Harry Halpin from W3C has indicated [1] that it may be useful to send a status report about the work on additional elliptic curves that is being done in the IETF and IRTF. The IETF TLS WG has asked for assistance from the IRTF CFRG in the selection of some additional elliptic curves with advantageous properties for use in TLS. It is highly likely that other IETF work will re-use those curves when they are adopted for use in TLS. The TLS WG has previously gotten similar advice from CFRG in relation to e.g. the chacha algorithm, so this is not an uncommon process in the IETF context. To date, CFRG has reached consensus on two curves at different security levels; one of them is currently documented in [2]. Additional work is still required to specify cryptographic algorithms using these curves; this work is on-going in CFRG. We would be happy to see W3C work with the IETF and CFRG as this work proceeds to ensure that WebCrypto and TLS expose the same curves and, insofar as possible, the same algorithms. Regards, Stephen Farrell & Kathleen Moriarty (Security area directors) [1] https://www.ietf.org/mail-archive/web/cfrg/current/msg06424.html [2] https://datatracker.ietf.org/doc/draft-irtf-cfrg-curves/ Attachments:
Received on Wednesday, 11 March 2015 23:16:32 UTC