Mailing List Archive: GnuPG: devel

[rfc-editor@rfc-editor.org] RFC 6637 on Elliptic Curve Cryptography (ECC) in OpenPGP

Index | Next | Previous | View Threaded

wk at gnupg

Jun 11, 2012, 10:34 PM

Post #1 of 5 (262 views)
Permalink

[rfc-editor@rfc-editor.org] RFC 6637 on Elliptic Curve Cryptography (ECC) in OpenPGP

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

Attachments:

message-rfc822.eml (5.02 KB)

ott at mirix

Jun 11, 2012, 10:58 PM

Post #2 of 5 (243 views)
Permalink

Re: [rfc-editor@rfc-editor.org] RFC 6637 on Elliptic Curve Cryptography (ECC) in OpenPGP [In reply to]

Apparently the Brainpool curves didn't make into the standard. You wrote
(<8739bo51de.fsf [at] vigenere>) that you prefer them and that
GnuPG is going to support them. Is that still the plan? If so, are they
going to be included in GnuPG 2.1.0?

Regards,
Matthias-Christian

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

wk at gnupg

Jun 12, 2012, 12:41 AM

Post #3 of 5 (240 views)
Permalink

Re: [rfc-editor@rfc-editor.org] RFC 6637 on Elliptic Curve Cryptography (ECC) in OpenPGP [In reply to]

On Tue, 12 Jun 2012 07:58, ott [at] mirix said:
> Apparently the Brainpool curves didn't make into the standard. You wrote
> (<8739bo51de.fsf [at] vigenere>) that you prefer them and that
> GnuPG is going to support them. Is that still the plan? If so, are they

They are not excluded from the standard. The standard defines two
things:

a) An OpenPGP protocol extension.
b) Two profiles for that extension.

It is easy to support other curves and thus create a de-facto standard.
Given the mystery-mongering of German and US governmental IT security
bodies I didn't wanted to take either side. Thus I did not pursuit to
have Brainpool listed as another profile. Or a Japanese, Russian, or
Chinese one. If someone want that, they are free to work on another RFC
to add their profile to rfc6637. This is the same as the addition of
the Camellia cipher to OpenPGP. Why should I spend my own unpaid time
on such a thing; I am anyway on the rocks.

Adding Brainpool to GPG is still a good idea and I would like to prepare
that. It is not that complicated and could go hand in hand with some
little code restructuring needed anyway. The question is about GPG's
interface: I am thinking of an extra prompt before asking for the size
of the curve:

Please select the type of curve:
1) OpenPGP (default)
2) SuiteB
3) Brainpool
Your selection?

Shalom-Salam,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

dshaw at jabberwocky

Jun 13, 2012, 8:09 AM

Post #4 of 5 (240 views)
Permalink

Re: [rfc-editor@rfc-editor.org] RFC 6637 on Elliptic Curve Cryptography (ECC) in OpenPGP [In reply to]

On Jun 12, 2012, at 1:34 AM, Werner Koch wrote:

> RFC 6637
>
> Title: Elliptic Curve Cryptography (ECC) in
> OpenPGP
> Author: A. Jivsov
> Status: Standards Track
> Stream: IETF
> Date: June 2012
> Mailbox: Andrey_Jivsov [at] symantec
> Pages: 15
> Characters: 31532
> Updates/Obsoletes/SeeAlso: None
>
> I-D Tag: draft-jivsov-openpgp-ecc-14.txt
>
> URL: http://www.rfc-editor.org/rfc/rfc6637.txt

This is excellent. Congratulations Andrey!

(Now I need to update paperkey to handle ECC keys…)

David

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

ott at mirix

Jun 13, 2012, 10:07 PM

Post #5 of 5 (238 views)
Permalink

Re: [rfc-editor@rfc-editor.org] RFC 6637 on Elliptic Curve Cryptography (ECC) in OpenPGP [In reply to]

On 2012-06-12 09:41, Werner Koch wrote:
> On Tue, 12 Jun 2012 07:58, ott [at] mirix said:
>> Apparently the Brainpool curves didn't make into the standard. You wrote
>> (<8739bo51de.fsf [at] vigenere>) that you prefer them and that
>> GnuPG is going to support them. Is that still the plan? If so, are they
>
> They are not excluded from the standard. The standard defines two
> things:
>
> a) An OpenPGP protocol extension.
> b) Two profiles for that extension.
>
> It is easy to support other curves and thus create a de-facto standard.

If I understand it correctly, it's just a matter of inserting the
Brainpool OIDs and using the respective parameters.

> Given the mystery-mongering of German and US governmental IT security
> bodies I didn't wanted to take either side. Thus I did not pursuit to
> have Brainpool listed as another profile. Or a Japanese, Russian, or
> Chinese one. If someone want that, they are free to work on another RFC
> to add their profile to rfc6637. This is the same as the addition of
> the Camellia cipher to OpenPGP. Why should I spend my own unpaid time
> on such a thing; I am anyway on the rocks.

You should at least have another specification other than the source
code for interoperability purposes (not that there are other significant
OpenPGP implementations, but perhaps in the future).

> Adding Brainpool to GPG is still a good idea and I would like to prepare
> that. It is not that complicated and could go hand in hand with some
> little code restructuring needed anyway. The question is about GPG's
> interface: I am thinking of an extra prompt before asking for the size
> of the curve:
>
> Please select the type of curve:
> 1) OpenPGP (default)
> 2) SuiteB
> 3) Brainpool
> Your selection?

That seems consistent with the rest of the user interface.

Regards,
Matthias-Christian

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads