Hi Everyone,
Elliptic curves can have two presentations. The first is a friendly name,
like "secp256r1" (or its OID). The second is the full parameter expansion,
like using the domain parameters {p,ab,n,G,h,n}. By default we use the
second method - domain parameter expansion.
We can promote interop by using the curve name rather than the domain
parameters. Some standards, like some of the RFCs, favor friendly names. In
fact, they say to fail certificate validation if a named curve is not
present (even if the domain parameters are).
We can also avoid subtle bugs like this one at OpenSSL:
http://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography#Named_Curves.
I'd like to try using named curves by default with Crypto++. I believe its
as simple as "m_encodeAsOID(true)"
(http://github.com/weidai11/cryptopp/blob/master/eccrypto.h#L40).
Are there any thoughts or objections?
Jeff
--
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
---
You received this message because you are subscribed to the Google Groups
"Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
