Re: ECC in OpenPGP proposal
2008-03-04 14:23:54
Once again, this proposal is for each 3 of 1) ECC with OpenPGP within
RFC 4880, 2) Suite B and 3) mobile.
This is a pragmatic proposal to extend RFC4880 to get benefits in each
of 3 areas. This may not be perfect, for example, for PC folks and for
mobile folks if they only focus on their hardware, but I believe it can
be agreed upon if interested parties forgo some features in the interest
of interoperability. This promotes the idea of a single key. Instead of
having a SuiteB key, why not have an RFC 4880 ECC key that can be used
for SuiteB or OpenPGP, PCs, PDAs, smartcards, HSMs, depending on
software configuration?
Regarding V5, I don't see justification for it. I would view ECC DSA is
a variant of DSA. Granted, it as a change in public key algorithm, but
we have a mechanism to add new public key algorithm to RFC 4880.
Ian G wrote:
Lots of questions! For me, the confusion is swirling around these
questions:
The proposal in question is:
(a) Suite B
(b) ECC, and/or
(c) mobile
Is it one of these? All of them? Two of them?
I would argue that (a) sounds good. When the NSA speaks, I listen.
(normally it is the other way around...) I like their Suite B and
would copy it exactly, word for word, no deviations.
(b) sounds less good, as this involves much more work (e.g., doing it
properly) and would tempt me to say "wait for V5!" or "just listen to
the NSA, guys."
(c) is something that should be done by the mobile guys, as Dani
pointed out, there are special things that need to be considered.
One-size-fits-all will probably result in nobody being happy.
iang
|
|