Andrey, > > For any new format / protocol / feature, RFC 6090 + > http://tools.ietf.org/html/draft-jivsov-ecc-compact should be a more > natural path.
Well, RFC 6090 is not always a good reference, at least it is very unfortunate that the signature scheme KT-I is not fully compatible with ECDSA (Errata 2777). > I agree that the statement was unclear. I was saying that because the > certificates contain only one public key, the > space saving is only size-of-the-curve+1 byte per certificate. Nonetheless, > given that certificates need to be > pre-processed and validated, and these results are often cached, the overhead > of calculation of the 'y' is probably not > material. For X.509 certificates, the ANSI format is already well established, so the alternative method is hardly relevant there. As you said, it is more a suggestion to consider for new specifications. -- Johannes _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
