IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: New version: draft-green-secsh-ecc-06
On Tue, 14 Apr 2009, Douglas Stebila wrote:
> A new version of the draft for elliptic curve cryptography in SSH has been
> posted.
>
> http://www.ietf.org/internet-drafts/draft-green-secsh-ecc-06.txt
>
> The main substantive revision is that ecdsa-sha2 is now using a family of
> identifiers (as ecdh-sha2-* does) to specify the curve at the algorithm
> negotiation stage.
I have to say that I really dislike the Base64(MD5(DER(OID))) encoding
of curve names into the kex method names. Why not just use the SEC names?
Actually, why bake the names into the kex names at all? (as opposed to
sending a curve spec as a parameter).
Do the many ECC patent apply to the methods described in this draft? It
seems to lack any section on IPR.
The "Security Considerations" section talks about the possible need to
replace SHA2 with other algorithms, but the name "sha2" is baked into
the kex method name. Should the hash algorithm be a parameter too?
-d
Home |
Main Index |
Thread Index |
Old Index