Re: New version: draft-green-secsh-ecc-06

To: Douglas Stebila <douglas%stebila.ca@localhost>
Subject: Re: New version: draft-green-secsh-ecc-06
From: Damien Miller <djm%mindrot.org@localhost>
Date: Tue, 14 Apr 2009 14:06:48 +1000 (EST)

On Tue, 14 Apr 2009, Douglas Stebila wrote:

> A new version of the draft for elliptic curve cryptography in SSH has been
> posted.
> 
> http://www.ietf.org/internet-drafts/draft-green-secsh-ecc-06.txt
> 
> The main substantive revision is that ecdsa-sha2 is now using a family of
> identifiers (as ecdh-sha2-* does) to specify the curve at the algorithm
> negotiation stage.

I have to say that I really dislike the Base64(MD5(DER(OID))) encoding
of curve names into the kex method names. Why not just use the SEC names?
Actually, why bake the names into the kex names at all? (as opposed to
sending a curve spec as a parameter).

Do the many ECC patent apply to the methods described in this draft? It
seems to lack any section on IPR.

The "Security Considerations" section talks about the possible need to
replace SHA2 with other algorithms, but the name "sha2" is baked into
the kex method name. Should the hash algorithm be a parameter too?

-d

Follow-Ups:
- Re: New version: draft-green-secsh-ecc-06
  - From: Jeffrey Hutzelman
- Re: New version: draft-green-secsh-ecc-06
  - From: Timo J. Rinne
- Re: New version: draft-green-secsh-ecc-06
  - From: Peter Gutmann
- Re: New version: draft-green-secsh-ecc-06
  - From: Douglas Stebila

References:
- New version: draft-green-secsh-ecc-06
  - From: Douglas Stebila

Prev by Date: New version: draft-green-secsh-ecc-06
Next by Date: Re: New version: draft-green-secsh-ecc-06
Previous by Thread: New version: draft-green-secsh-ecc-06
Next by Thread: Re: New version: draft-green-secsh-ecc-06
Indexes:

Home | Main Index | Thread Index | Old Index