On Feb 23, 2006, at 12:32 PM, Hallam-Baker, Phillip wrote:
I think that we are all aware that IP owners have a duty to their
shareholders to promote the value of their IP in the best possible
light.
We do not need point compression for our purposes. Nor is
efficiency a critical issue. The only crucial criteria is a bit
length of 1024 bits or less.
The issue raise regarding IPR was not related to point compression.
In addition to defending against known attacks, Certicom IPR claims
also relate to basic algorithm improvements which makes clean-room
development difficult. Is there elliptic-curve code within the
public domain not encumbered, which can be safely used in the near
future? If ECC code is not ready now, when will it be? Can someone
predict whether ECC, with its small keys sizes, will not become
vulnerable as has SHA-1? There is less private key information to leak.
Although there are text-based conventions for entering binary RRs
into DNS, this discussion was considering whether space was available
within the TXT RR to accommodate upgrade declarations, or whether a
binary structure for DKIM key RR should be considered. An ability to
accommodate 2048 bit keys does not preclude use of ECC, when that
proves feasible and desirable. However, not having an ability to
accommodate 2048 bits may create much greater disruption. Why paint
DKIM into a corner? Surely a binary RR is easier than developing
cryptography.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html