Re: ECC in OpenPGP proposal

Once again, this proposal is for each 3 of 1) ECC with OpenPGP within 
RFC 4880, 2) Suite B and 3) mobile.
This is a pragmatic proposal to extend RFC4880 to get benefits in each 
of 3 areas. This may not be perfect, for example, for PC folks and for 
mobile folks if they only focus on their hardware, but I believe it can 
be agreed upon if interested parties forgo some features in the interest 
of interoperability. This promotes the idea of a single key. Instead of 
having a SuiteB key, why not have an RFC 4880 ECC key that can be used 
for SuiteB or OpenPGP, PCs, PDAs, smartcards, HSMs, depending on 
software configuration?
Regarding V5, I don't see justification for it. I would view ECC DSA is 
a variant of DSA. Granted, it as a change in public key algorithm, but 
we have a mechanism to add new public key algorithm to RFC 4880.
Ian G wrote:
> Lots of questions!  For me, the confusion is swirling around these 
> questions:
> The proposal in question is:
>
>    (a) Suite B
>    (b) ECC, and/or
>    (c) mobile
>
> Is it one of these?  All of them?  Two of them?
>
> I would argue that (a) sounds good.  When the NSA speaks, I listen.  
> (normally it is the other way around...)  I like their Suite B and 
> would copy it exactly, word for word, no deviations.
> (b) sounds less good, as this involves much more work (e.g., doing it 
> properly) and would tempt me to say "wait for V5!"  or "just listen to 
> the NSA, guys."
> (c) is something that should be done by the mobile guys, as Dani 
> pointed out, there are special things that need to be considered.
> One-size-fits-all will probably result in nobody being happy.
>
> iang