Re: Fwd: New Liaison Statement, "Additional Curves"

I am confident that the point of having an algorithm definition and
construction reviewed and agreed upon by the community will be longer than
a month, even if all the pieces are "obvious" (as the discussion has shown,
some pieces presumed obvious, such as endianness, are far from it)

+1 update after the fact, as much as I would love to see it in.
On Mar 14, 2015 3:42 AM, "GALINDO Virginie" <Virginie.Galindo@gemalto.com>
wrote:

> Harry and all,
> When do you think open issues in IETF will be solved ? If this is about a
> month,  we can take option a), if this is about 6 months,  I suggest we
> follow b) (aka errata management).
> Any opinion from WG members,  familiar with IETF life cycles  ?
> I am not sure there is nothing we cant solve via e-mail here.
> Virginie
>
> ---- Harry Halpin a écrit ----
>
>
> On 03/12/2015 06:28 AM, Richard Barnes wrote:
> > +1
> >
> > This is good news, in that it shows that the end is in sight, and there
> are
> > curves.  I would say we're clear to discuss charter work on the new
> curves
> > now, especially if it's at the level of "support the curves agreed by
> > CFRG".  But it's still early to start laying down any API.
>
> Note we do have this early draft by Trevor (although representational
> details are not specified in as much detail as needed):
>
>
> http://htmlpreview.github.io/?https://github.com/trevp/curve25519_webcrypto/blob/master/Curve25519_WebCrypto.html
>
> I realize are still unresolved issues, as noted by the discussions on
> CFRG. However, this statement has noted the "additional curve
> discussion" has been resolved and the implementation (i.e.
> "representation") details will now be handled by a combination of CFRG
> and TLS WG. T
>
> In particular, there's numerous things we can do:
>
> 1) Nothing.
>
> 2) Co-ordinate on details with TLS and CFRG
>
> The latter is what the IETF->W3C liaison statement proposed:
>
> "We would be happy to see W3C work with the IETF and CFRas this work
> proceeds to ensure that WebCrypto and TLS expose the same curves and,
> insofar as possible, the same algorithms."
>
> Then there are two distinct options if we chose to co-ordinate:
>
> a) Return to Last Call if needed (however, this could take a long time
> if representational details aren't settled quickly)
>
> b) Use the errata process to update the spec as soon represntational
> details are solved.
>
> I think a telecon might be useful if there is disagreement on next steps.
>
>    cheers,
>        harry
>
>
>
> >
> > On Wed, Mar 11, 2015 at 9:28 PM, Ryan Sleevi <sleevi@google.com> wrote:
> >
> >> Harry,
> >>
> >> You've already received feedback from the CFRG about why this is unwise,
> >> with regards to the still ongoing discussions. I appreciate your
> >> enthusiasm, but there are still significant open issues being discussed.
> >>
> >> http://www.ietf.org/mail-archive/web/cfrg/current/msg06425.html
> >>
> >> In case that feedback wasn't clear, Watson did the courtesy of
> explaining
> >> more in depth why this matters:
> >> http://www.ietf.org/mail-archive/web/cfrg/current/msg06433.html
> >>
> >> As noted, while the debate about the curve has settled, there is still
> >> active and ongoing discussion of the representations which need to be
> >> resolved.
> >>
> >> To be clear, I'm wanting to allow the process time to complete.
> >>
> >
>
> ________________________________
>  This message and any attachments are intended solely for the addressees
> and may contain confidential information. Any unauthorized use or
> disclosure, either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for
> the message if altered, changed or falsified. If you are not the intended
> recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission
> free from viruses, the sender will not be liable for damages caused by a
> transmitted virus.
>