Hi all, Just a technical question, not very IPSec-specific:
Do the Brainpool curves comply with all the requirements (and ideally the recommendations too) that the ECDSA standards place on the elliptic curves? The intent of the ECDSA standards and IPSec is to have a secure, interoperable signature algorithm, which ought to be the case for the Brainpool curves used with ECDSA. So IPSec may choose to call various things "ECDSA", but IPSec may want to avoid saying something is ANSI X9.62-2005 unless if it is strictly compliant. The main ECDSA standards are ANSI X9.62-2005 and SEC1-v2.0 (which also specifies other ECC algorithms and syntax). FIPS 186-3 specifies ECDSA mostly by reference to ANSI X9.62-2005. ISO also specifies "EC-DSA". IEEE 1363-2000 and IEEE 1363a-2004 specify ECDSA under a slightly different acronym. As editor of ANSI X9.62-2005 and SEC1-v2.0, I ought able to help check compliance. As I recall, both standards impose requirements on the elliptic curves in order to avoid weak curves, and perhaps also to encourage interoperability. Maybe Johannes could contact me off-list to start this process. Best regards, Daniel Brown Research In Motion Limited --------------------------------------------------------------------- This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful. _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
