Hi
At the meeting today, I presented the SafeCurves draft status and asked the
room whether we wanted to wait for CFRG and Curdle to settle their respective
RFCs. The room was unanimously in favor of not having anything in the current
draft, instead using RFC 7427 digital signatures. To be certain, if we *did*
wait, we’d just list the two OIDs from Curdle that we like (the non-prehashed
ones).
Quoting from the Curdle draft, they have this:

   id-Curve25519   OBJECT IDENTIFIER ::= { 1.3.6.1.4.1.11591.15.1 }
   id-Curve448     OBJECT IDENTIFIER ::= { 1.3.6.1.4.1.11591.15.2 }
   id-Curve25519ph OBJECT IDENTIFIER ::= { 1.3.6.1.4.1.11591.15.3 }
   id-Curve448ph   OBJECT IDENTIFIER ::= { 1.3.6.1.4.1.11591.15.4 }

In other news, it turns out that we still have some discussion to go with
4307bis. So I suggest that we add these to table 9 of section 4.2 there as
follows:

+------------------------------------+------------+---------+
| Description                        | Status     | Comment |
+------------------------------------+------------+---------+
| RSASSA-PSS with SHA-256            | SHOULD     |         |
| ecdsa-with-sha256                  | SHOULD     |         |
| sha1WithRSAEncryption              | SHOULD NOT |         |
| dsa-with-sha1                      | SHOULD NOT |         |
| ecdsa-with-sha1                    | SHOULD NOT |         |
| RSASSA-PSS with Empty Parameters   | SHOULD NOT |         |
| RSASSA-PSS with Default Parameters | SHOULD NOT |         |
| sha256WithRSAEncryption            | MAY        |         |
| sha384WithRSAEncryption            | MAY        |         |
| sha512WithRSAEncryption            | MAY        |         |
| sha512WithRSAEncryption            | MAY        |         |
| dsa-with-sha256                    | MAY        |         |
| ecdsa-with-sha384                  | MAY        |         |
| ecdsa-with-sha512                  | MAY        | ?SHOULD |
| id-Curve25519                      | MAY        |         |
| id-Curve448                        | MAY        |         |
| id-Curve25519ph                    | MUST NOT   |         |
| id-Curve448ph                      | MUST NOT   |         |
+------------------------------------+------------+---------+

What do others think?
Yoav