---------- Forwarded message ----------
From:
<bugzilla@jessica.w3.org>Date: 13 October 2014 09:18
Subject: [Bug 24444] Named Curve Registry (adding secp256k1)
To:
melvincarvalho@gmail.comhttps://www.w3.org/Bugs/Public/show_bug.cgi?id=24444
Myron Davis <
myrond@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
CC| |
myrond@gmail.com
Resolution|NEEDSINFO |---
--- Comment #2 from Myron Davis <
myrond@gmail.com> ---
Could this be looked at again?
Last response was waiting for feedback from crypto implementors.
Currently secp256k1 is supported in the following SSL/TLS libraries now
Botan
NSS
openssl
LibreSSL
PolarSSL
JSSE
The three other curves are all all have parameters which do not define how they
were generated. secp256k1 curve has some great advantages in faster signature
verification and how the values were determined for the curve. (i.e. not
random).
http://www.ietf.org/rfc/rfc4492
The curve has had a lot of eyes on it with lots of hardware and software
supporting this curve.
With discovery of backdoor's in NIST's random number generator
(
https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html ) I would
like to see a determined parameter curve instead of a "random" curve option.
Thanks
--
You are receiving this mail because:
You reported the bug.