Re: Elliptic-Curve Diffie-Hellman Key Exchange draft

[Bill Sommerfeld <sommerfeld%east.sun.com@localhost>]

[wearing my WG chair hat.]
Doug:

There is an old story about how penguins decide it's safe to go
swimming.  A large crowd of them mill about near the edge of the ice,
jostling each other until finally one of them falls in.  The remaining
ones then see if the first bird gets eaten by a shark -- if not, the
rest jump in..

With ECC, we're in the milling-about stage.  Sharks have been sighted,
though not very recently.  But the penguins are still nervous and
really would prefer that someone else go first....

This WG has limited time and energy.  For this to be adopted as a WG
item I'll need to hear from a community of implementors interested in
adopting it.

When possible, this WG (like much of the IETF as a whole) has
traditionally preferred functionaly equivalent unencumbered technology
even when it has lower performance (see DSS vs RSA).

The message I'm getting from WG members who have spoken up thus far is
that the uncertainties regarding the ECC IPR situation make it
uninteresting to them.

As others have suggested, the name@domain syntax for negotiable
parameters within ssh allows ample room for interoperable
experimentation.  If folks are interested in pursuing the use of ECC
within the ssh protocol, I suggest that they get together off-list
with Doug and figure out what they want to do, and report back to me
and/or the WG.

						- Bill