
Re: [openpgp] PKI (RFC 5480) mapping to ECC keys (RFC 6637)

2013-07-20 03:25:06
On Fri, 19 Jul 2013 22:23, openpgp(_at_)brainhub(_dot_)org said:

> The simplification is generic. Now that we would have 3 IDs for ECC,
> it is more efficient to check 18 <= x <= 20 than for 3 arbitrary

Compared to the crypto operations any efficiency here is a joke.

> Do we know of at least one case when 20 is used in deployed
> applications? This will be enough to require 22 for ECDSA+ECDH.

GnuPG supported this from 1998 to 1.3.5 (2004-02-26).  I have hundreds
of those signatures in my keyrings despite that there is no more support
in GnuPG.  Recycling this identifier would be a Bad Thing™.  Internal
PGP versions used a couple of the lower numbered IDs and they have not
been recycled, either.

> Let me answer why do I think that ECDSA+ECDH ID is a useful feature.

I agree that it is useful; I only remarked that the X.509 based
rationale is a bit weak.

> right now. Assuming that most OpenPGP keys are RSA keys, they use
> sign+encrypt ID 1 and then use the appropriate key usage flags.

Or 2 or 3.  They still pop up once in a while.

> The compact ECC point representation plus ECDSA+ECDH ID in a single
> document is one way to do this.

From my understanding of the IETF procedures this will indeed be the
case.

> I was wondering, however, that given that ECDSA+ECDH ID is such an
> easy change that fits in a few sentences, it feels like an errata to
> the RFC 6637. All it needs to say is that "use ID 2x for ECDSA+ECDH"
> and then define that ID in another sentence.

Maybe, but recall rfc4880 states:

   initial values for this registry can be found in Section 9.  Adding a
   new public-key algorithm MUST be done through the IETF CONSENSUS
   method, as described in [RFC2434].

That is for an algorithm but not the id, though.  Please use whatever is
the easiest way for you.

I would appreciate if we could informally agree on an identifier right
now so that I can put it into the next GnuPG 1.4 release which is due in
a few days.  This would avoid a '?' as algorithm in a key listing.


Salam-Shalom,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
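The exchange above turns on two points: a range check such as `18 <= x <= 20` is not a safe way to recognise ECC algorithm IDs, and ID 20 cannot be recycled because keys and signatures carrying it still exist in keyrings. The following example, added here and not code from Werner, GnuPG or the RFC authors, shows why a naive range check misclassifies a legacy ID 20 key while a registry lookup does not. It parses the fixed header of a v4 public-key packet body (version, creation time, algorithm ID, per RFC 4880 section 5.5.2) and classifies the algorithm against the RFC 4880 section 9.1 registry plus the two IDs RFC 6637 added; the function names and the constructed sample packets are assumptions of this example, and the sample bodies carry a dummy MPI rather than real key material.

```python
"""Classify the public-key algorithm of an OpenPGP v4 public-key packet.

Added example: not code from the thread, GnuPG, or any RFC.
"""
import struct

# RFC 4880 section 9.1 registry plus RFC 6637 (18, 19). ID 20 is reserved:
# it was Elgamal encrypt-or-sign, and the thread notes GnuPG emitted it
# from 1998 until 1.3.5, so such keys/signatures still exist in keyrings.
PUBKEY_ALGOS = {
    1: ("RSA (Encrypt or Sign)", {"sign", "encrypt"}),
    2: ("RSA Encrypt-Only", {"encrypt"}),
    3: ("RSA Sign-Only", {"sign"}),
    16: ("Elgamal (Encrypt-Only)", {"encrypt"}),
    17: ("DSA", {"sign"}),
    18: ("ECDH", {"encrypt"}),
    19: ("ECDSA", {"sign"}),
    20: ("Reserved (formerly Elgamal Encrypt or Sign)", set()),
    21: ("Reserved for Diffie-Hellman (X9.42)", set()),
}
RESERVED_IDS = {20, 21}


def naive_is_ecc(algo: int) -> bool:
    """The range check proposed in the thread; it also sweeps up reserved ID 20."""
    return 18 <= algo <= 20


def is_ecc(algo: int) -> bool:
    """Registry-based check: only the IDs RFC 6637 actually assigned to ECC."""
    return algo in (18, 19)


def parse_v4_pubkey_header(body: bytes) -> tuple[int, int]:
    """Return (creation_time, algo) from a v4 public-key packet body.

    Layout (RFC 4880 5.5.2): 1 byte version (4), 4-byte big-endian creation
    time, 1 byte algorithm ID, then algorithm-specific MPIs (not parsed here).
    """
    if len(body) < 6:
        raise ValueError("public-key packet body too short")
    version = body[0]
    if version != 4:
        raise ValueError(f"unsupported public-key packet version {version}")
    created, algo = struct.unpack(">IB", body[1:6])
    return created, algo


def classify(body: bytes) -> dict:
    """Describe the key's algorithm, flagging reserved IDs rather than reusing them."""
    created, algo = parse_v4_pubkey_header(body)
    if 100 <= algo <= 110:
        name, caps = "Private/Experimental", set()
    else:
        name, caps = PUBKEY_ALGOS.get(algo, ("Unknown", set()))
    return {
        "created": created,
        "algo": algo,
        "name": name,
        "usage": sorted(caps),
        "reserved": algo in RESERVED_IDS,
        "ecc": is_ecc(algo),
        "naive_ecc": naive_is_ecc(algo),  # shows where the range check goes wrong
    }


def build_sample_v4_body(algo: int, created: int = 0) -> bytes:
    """Constructed sample body: v4 header followed by one dummy MPI (value 1).

    This is not a real key; it only exercises the header parser.
    """
    return bytes([4]) + struct.pack(">I", created) + bytes([algo]) + b"\x00\x01\x01"


if __name__ == "__main__":
    for sample_algo in (1, 17, 19, 20):
        info = classify(build_sample_v4_body(sample_algo))
        print(f"ID {info['algo']:>3}: {info['name']}; ecc={info['ecc']}, "
              f"naive_ecc={info['naive_ecc']}, reserved={info['reserved']}")
```

Run as-is it prints one line per constructed sample; the ID 20 line is the one that matters, since the range check reports it as ECC while the registry lookup reports it as reserved, which is exactly the situation Werner describes for old keyrings.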