I think you convinced me. And to think of it, I never did like binary curves. :-)
No binary curves for the future. :-) Tnx! Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. From: Tony Arcieri Sent: Wednesday, July 15, 2015 22:32 To: Rene Struik Cc: <[email protected]> Subject: Re: [TLS] (selection criteria for crypto primitives) Re: sect571r1 To respond more specifically to your concerns: On Wed, Jul 15, 2015 at 6:42 PM, Rene Struik <[email protected]> wrote: It seems prudent to keep some diversity of the gene pool and not only have curves defined over prime curves. Similarly, one should perhaps have some diversity of gene pool criteria within the set of recommend curves and not only include special primes. Should some problem with a particular subclass show up over time, one then at least has other classes available. Binary curves in particular are showing warning signs of potential future security issues: https://eprint.iacr.org/2015/310.pdf I think even if we don't completely pare down the TLS curve portfolio to the list I suggested, if nothing else I would like to see binary curves removed. -- Tony Arcieri
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
