Paul Wouters writes: > I'm really against this solution. As you said, we can expect more of > this with ECC variants, and it will just be a large cluttering of the > integ registry.
Do you really think we will see this more in ECC? How will that happen more in the ECC? If I have Ed25519 key, why would someone go against the "SHOULD NOT" in draft-nir-ipsecme-eddsa draft and use something else than Ed25519, i.e., why would someone use Ed25519ph, or why would someone use ECDSA with Ed25519 key (even if it would be possible). Are people really going to mix different ECC keys with different algorithms? I would assume it would be better to just create separete keys for each signature algorithm, and not use the same key. With RSA I can see the reason, as people do want to reuse the old existing key they already have and want to use it with old RSA and with RSASSA-PSS, but I have not yet seen reason for that in ECC. So can you explain why you think this will happen in the ECC? -- [email protected] _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
