At 08:04 PM 12/23/2010, Brad Wetmore wrote: >> To use those EC curves in TLS, IANA need to register these curves[*]. >> Do you know any effort to use these curves in TLS? > >Xuelei was primarily asking about this from the TLS perspective. RFC 5639 >just claims its use would be consistent with the existing TLS ECC approaches, >but I don't know of current efforts to actually add them for TLS.
Yeah - I wasn't quite sure why TLS came up as the question was about brainpool for use in the ePassports. >For the more general case, we can consider it, but as with anything ECC, >patent issues will come up. If its just adding curve/OID/Name mappings to the EC base, there shouldn't be any issues with IPR. To be honest, I'm thinking that there ought to be a way to populate the table(s) from user space. The issue mostly comes up when trying to translate to/from PKCS11 domain parameters - if the entry isn't in the table (sun/security/ec/NamedCurve.java), there's no way to use the curve in PKCS11, even if the external provider supports it. Mike >RFC 5639 claims "no knowledge of any intellectual property rights...may >require use of inventions covered by patents rights." This would require >significant legal review. > >Brad > > > > > >On 12/22/2010 6:08 AM, Xuelei Fan wrote: >>Hi, >> >>To use those EC curves in TLS, IANA need to register these curves[*]. Do >>you know any effort to use these curves in TLS? >> >>Thanks, >>Xuelei >> >>[*] >>http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8 >> >>On 12/22/2010 9:38 PM, Samuel Lidén Borell wrote: >>>Hi, >>> >>>Would it be possible to support Brainpool ECC [1] in OpenJDK (as named >>>curves)? The Brainpool curves are used in European ePassport deployments, >>>for example. >>> >>>I've submitted a RFE [2] and started working on a patch [3]. >>> >>>[1] http://tools.ietf.org/html/rfc5639 >>>[2] http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7007966 >>>[3] https://gist.github.com/740601 >>> >>>Regards, >>>Samuel Lidén Borell
