> -----Original Message----- > From: Paul Hoffman [mailto:[email protected]] > Sent: Tuesday, July 24, 2012 4:53 PM > To: Dan Brown > Cc: IPsecme WG > Subject: Re: [IPsec] Using ECC Brainpool curves with ipsec > > On Jul 24, 2012, at 11:42 AM, Dan Brown wrote: > > > Do the Brainpool curves comply with all the requirements (and ideally the > recommendations too) that the ECDSA standards place on the elliptic curves? > > I'm confused by the question. "The ECDSA standards" (ANSI X9.62-2005 and SEC1- > v2.0) list things that newer curves might not meet because, well, they're > newer than the standards. Why should that be a limitation on what is used in > IPsec?
The next text after the question tried to clarify that I was not suggesting any such limitation. Anyway, to answer your question: considerable thought was put into ECC parameters in ECDSA standards, so their requirements should make for a good sanity check on any newer curves. (Are the Brainpool curves actually newer?) It should be possible to devise newer curve that also adheres to the past ECDSA standards, but if not, there should be a good reason. > > --Paul Hoffman --------------------------------------------------------------------- This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful. _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
