ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Last Call: draft-green-secsh-ecc (Elliptic-Curve Algorithm Integration in the Secure Shell Transport Layer) to Informational RFC

2009-06-09 09:06:32
from [Sean Turner] [Permanent Link] 
Doug,

Thanks for the quick reply.

Douglas Stebila wrote:

On 2009-Jun-9, at 11:25 AM, Sean Turner wrote:
Other ECC documents in the IETF (TLS, SMIME, PKIX) indicate that support for compressed keys are MAY while this draft says MUST NOT for ECDSA and ECDH keys and MAY for ECMQV. What was the rationale for this?
Simplicity. In my opinion, compressed keys provide little benefit in practice. Certainly for ECDH there's no reason to use them. I would be willing to consider it as a MAY for ECDSA so that signing public keys can be reused between standards.
I tend to agree. I think most people are just going to do uncompressed and not bother with compressed. My concern is that somebody is going to generate compressed keys use them for TLS sessions (because they are allowed) and then not be able to use them for SSH. I'm not entirely sure that people will reuse keys for TLS for SSH, but it might happen. I guess I'm asking whether they should be MAY to match all the others for interoperability sake?
Sec 3.1.2: In TLS/SMIME/PKIX, the signature value (r&s) are integers but they are encoded together with the following syntax: 
Ecdsa-Sig-Value ::= SEQUENCE {
 r       INTEGER,
 s       INTEGER
}
Any chance of reuse?
No. The signature above is encoded using DER encoding of an ASN.1 sequence. There is almost no use of ASN.1 in the secure shell standards, so many SSH implementations may not have code to support DER encoding and decoding. I prefer to stay with the basic syntax that the secure shell standard provides. For those that do desire conversion between the two, it is easy to implement given a DER library. 

Fair enough I thought I'd give it a shot.
Does the Certicom IPR applies to this ID (it pretty much applies to all the other ECC RFCs/IDs)? 

According to
    https://datatracker.ietf.org/ipr/1154/
draft-green-secsh-ecc is included in the list of documents to which the IPR disclosure applies. 

You are right it is listed there.  I totally missed it.

spt
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] DNSSEC is NOT secure end to end, Andrew Sullivan
Next by Date:  Re: Last Call: draft-green-secsh-ecc (Elliptic-Curve Algorithm Integration in the Secure Shell Transport Layer) to Informational RFC, Douglas Stebila
Previous by Thread:  Re: Last Call: draft-green-secsh-ecc (Elliptic-Curve Algorithm Integration in the Secure Shell Transport Layer) to Informational RFC, Douglas Stebila
Next by Thread:  Re: Last Call: draft-green-secsh-ecc (Elliptic-Curve Algorithm Integration in the Secure Shell Transport Layer) to Informational RFC, Russ Housley
Indexes:  [Date] [Thread] [Top] [All Lists]