
From paul.hoffman@vpnc.org  Thu Feb  3 06:34:29 2011
Message-ID: <4D4ABDBE.1040409@vpnc.org>
Date: Thu, 03 Feb 2011 06:37:50 -0800
From: Paul Hoffman <paul.hoffman@vpnc.org>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7
MIME-Version: 1.0
To: saag@ietf.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [saag] Fwd: RFC 6090 on Fundamental Elliptic Curve Cryptography Algorithms
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Feb 2011 14:34:29 -0000

Congrats on this getting published! How about a bit more deployment now, eh?

--Paul Hoffman

-------- Original Message --------
Subject: RFC 6090 on Fundamental Elliptic Curve Cryptography Algorithms
Date: Wed,  2 Feb 2011 20:03:26 -0800 (PST)
From: rfc-editor@rfc-editor.org
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
CC: rfc-editor@rfc-editor.org


A new Request for Comments is now available in online RFC libraries.


         RFC 6090

         Title:      Fundamental Elliptic Curve Cryptography Algorithms
         Author:     D. McGrew, K. Igoe,
                     M. Salter
         Status:     Informational
         Stream:     IETF
         Date:       February 2011
         Mailbox:    mcgrew@cisco.com,
                     kmigoe@nsa.gov,
                     msalter@restarea.ncsc.mil
         Pages:      34
         Characters: 75993
         Updates/Obsoletes/SeeAlso:   None

         I-D Tag:    draft-mcgrew-fundamental-ecc-04.txt

         URL:        http://www.rfc-editor.org/rfc/rfc6090.txt

This note describes the fundamental algorithms of Elliptic Curve
Cryptography (ECC) as they were defined in some seminal references
from 1994 and earlier.  These descriptions may be useful for
implementing the fundamental algorithms without using any of the
specialized methods that were developed in following years.  Only
elliptic curves defined over fields of characteristic greater than
three are in scope; these curves are those used in Suite B.
This document is not an Internet Standards Track specification; it is
published for informational purposes.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

From turners@ieca.com  Fri Feb  4 12:08:05 2011
Message-ID: <4D4C5D71.7090300@ieca.com>
Date: Fri, 04 Feb 2011 15:11:29 -0500
From: Sean Turner <turners@ieca.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101207 Lightning/1.0b2 Thunderbird/3.1.7
MIME-Version: 1.0
To: saag@ietf.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [saag] Call for SAAG presentation topics

All,

Tim, Stephen, and I are putting together the SAAG agendas for Prague and 
Quebec City.

The agenda traditionally includes one or two invited presentations after 
the working group reports.  If you believe a topic would be of interest 
to the community, then please suggest it to us.

If you can identify an appropriate presenter (not necessarily yourself) 
that would be helpful.  Also, please indicate whether you'd prefer 
Prague or Quebec City.

Thanks,

spt

P.S. We've already received one request.

From rgm-sec@htt-consult.com  Thu Feb 10 12:55:52 2011
Message-ID: <4D5450AE.5080205@htt-consult.com>
Date: Thu, 10 Feb 2011 15:55:10 -0500
From: Robert Moskowitz <rgm-sec@htt-consult.com>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101209 Fedora/3.1.7-0.35.b3pre.fc14 Thunderbird/3.1.7
MIME-Version: 1.0
To: saag@ietf.org
References: <4D4ABDBE.1040409@vpnc.org>
In-Reply-To: <4D4ABDBE.1040409@vpnc.org>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [saag] Fwd: RFC 6090 on Fundamental Elliptic Curve Cryptography Algorithms

On 02/03/2011 09:37 AM, Paul Hoffman wrote:
> Congrats on this getting published! How about a bit more deployment 
> now, eh?

Has there been any library development yet? I am interested in code size
for ECDSA and ECDH using this RFC.


From housley@vigilsec.com  Thu Feb 10 16:14:37 2011
From: Russ Housley <housley@vigilsec.com>
Content-Type: multipart/alternative; boundary=Apple-Mail-25--898976378
Date: Thu, 10 Feb 2011 19:14:47 -0500
References: <D7A0423E5E193F40BE6E94126930C4930854E3A6D6@MBCLUSTER.xchange.nist.gov>
To: IETF SAAG <saag@ietf.org>
Message-Id: <97F21856-6249-4A4D-B917-233F2027808A@vigilsec.com>
Mime-Version: 1.0 (Apple Message framework v1082)
X-Mailer: Apple Mail (2.1082)
Subject: [saag] Fwd: NIST Releases Two Special Publications For Comment

> NIST requests comments on the following two draft publications:
>
> Draft Special Publication (SP) 800-131B, Transitions: Validation of
> Transitioning Cryptographic Algorithm and Key Lengths.
> <http://csrc.nist.gov/publications/drafts/800-131B/draft-SP800-131B_February2011.pdf>
> SP 800-131B provides details about the validation of the cryptographic
> algorithms and cryptographic modules in transition, as specified in
> SP 800-131A. Please send comments to CryptoTransitions@nist.gov by
> March 31, 2011, with “SP 800-131B comments” in the subject line.
>
> Draft Special Publication (SP) 800-131C, Transitions: Validating the
> Transition from FIPS 186-2 to FIPS 186-3.
> <http://csrc.nist.gov/publications/drafts/800-131C/draft-SP800-131C_February2011.pdf>
> SP 800-131C addresses both the cryptographic algorithm validations and
> the cryptographic module validations that are conducted by NIST’s
> Cryptographic Algorithm Validation Program (CAVP) and the Cryptographic
> Module Validation Program (CMVP), respectively. Please send comments to
> CryptoTransitions@nist.gov by March 31, 2011, with “SP 800-131C
> comments” in the subject line.

From dharkins@lounge.org  Thu Feb 10 16:21:15 2011
Message-ID: <acb6b7234dd5cb1326fdc2a28324b195.squirrel@www.trepanning.net>
In-Reply-To: <4D5450AE.5080205@htt-consult.com>
References: <4D4ABDBE.1040409@vpnc.org> <4D5450AE.5080205@htt-consult.com>
Date: Thu, 10 Feb 2011 16:21:28 -0800 (PST)
From: "Dan Harkins" <dharkins@lounge.org>
To: "Robert Moskowitz" <rgm-sec@htt-consult.com>
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Cc: saag@ietf.org
Subject: Re: [saag] Fwd: RFC 6090 on Fundamental Elliptic Curve Cryptography Algorithms

  OpenSSL has supported EC since version 0.9.8.

  Dan.

On Thu, February 10, 2011 12:55 pm, Robert Moskowitz wrote:
> On 02/03/2011 09:37 AM, Paul Hoffman wrote:
>> Congrats on this getting published! How about a bit more deployment
>> now, eh?
>
> Has there been any library development yet? I am interested in code size
> for ECDSA and ECDH using this RFC.



From rgm-sec@htt-consult.com  Thu Feb 10 20:35:07 2011
Message-ID: <4D54BC4A.8060202@htt-consult.com>
Date: Thu, 10 Feb 2011 23:34:18 -0500
From: Robert Moskowitz <rgm-sec@htt-consult.com>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101209 Fedora/3.1.7-0.35.b3pre.fc14 Thunderbird/3.1.7
MIME-Version: 1.0
To: Dan Harkins <dharkins@lounge.org>
References: <4D4ABDBE.1040409@vpnc.org> <4D5450AE.5080205@htt-consult.com> <acb6b7234dd5cb1326fdc2a28324b195.squirrel@www.trepanning.net>
In-Reply-To: <acb6b7234dd5cb1326fdc2a28324b195.squirrel@www.trepanning.net>
Content-Type: text/plain; charset=iso-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: saag@ietf.org
Subject: Re: [saag] Fwd: RFC 6090 on Fundamental Elliptic Curve Cryptography Algorithms

On 02/10/2011 07:21 PM, Dan Harkins wrote:
>    OpenSSL has supported EC since version 0.9.8.

I am aware of that, but what algorithm(s) does it use?  The ones in 6090
or something else?  Where is it documented what underlying algorithm it
uses for ECDSA and ECDH?


From dharkins@lounge.org  Thu Feb 10 23:37:17 2011
Message-ID: <2986b7a21846e8c14810568e85a6c7f6.squirrel@www.trepanning.net>
In-Reply-To: <4D54BC4A.8060202@htt-consult.com>
References: <4D4ABDBE.1040409@vpnc.org> <4D5450AE.5080205@htt-consult.com> <acb6b7234dd5cb1326fdc2a28324b195.squirrel@www.trepanning.net> <4D54BC4A.8060202@htt-consult.com>
Date: Thu, 10 Feb 2011 23:37:29 -0800 (PST)
From: "Dan Harkins" <dharkins@lounge.org>
To: "Robert Moskowitz" <rgm-sec@htt-consult.com>
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Cc: saag@ietf.org
Subject: Re: [saag] Fwd: RFC 6090 on Fundamental Elliptic Curve Cryptography Algorithms
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Feb 2011 07:37:17 -0000

On Thu, February 10, 2011 8:34 pm, Robert Moskowitz wrote:
> On 02/10/2011 07:21 PM, Dan Harkins wrote:
>>    OpenSSL has supported EC since version 0.9.8.
>
> I am aware of that, but what algorithm(s) does it use?  The ones in 6090
> or something else?  Where is it documented what underlying algorithm it
> uses for ECDSA and ECDH?

  The underlying algorithms _are_ ECDSA and ECDH. If you're asking
whether the algorithms are strictly "fundamental" (in the sense of 6090)
or whether they stray off into problematic areas then you'll have to
arrive at that conclusion yourself. But a compliant implementation of
RFC 6090-specified ECDSA and ECDH will interoperate with OpenSSL.

  Dan.

>> On Thu, February 10, 2011 12:55 pm, Robert Moskowitz wrote:
>>> On 02/03/2011 09:37 AM, Paul Hoffman wrote:
>>>> Congrats on this getting published! How about a bit more deployment
>>>> now, eh?
>>> has there been any library development yet? I am interested in code
>>> size
>>> for ECDSA and ECDH using this RFC.
>>>
>>>> --Paul Hoffman
>>>>
>>>> -------- Original Message --------
>>>> Subject: RFC 6090 on Fundamental Elliptic Curve Cryptography
>>>> Algorithms
>>>> Date: Wed, 2 Feb 2011 20:03:26 -0800 (PST)
>>>> From: rfc-editor@rfc-editor.org
>>>> To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
>>>> CC: rfc-editor@rfc-editor.org
>>>>
>>>>
>>>> A new Request for Comments is now available in online RFC libraries.
>>>>
>>>>
>>>> RFC 6090
>>>>
>>>> Title: Fundamental Elliptic Curve Cryptography Algorithms
>>>> Author: D. McGrew, K. Igoe,
>>>> M. Salter
>>>> Status: Informational
>>>> Stream: IETF
>>>> Date: February 2011
>>>> Mailbox: mcgrew@cisco.com,
>>>> kmigoe@nsa.gov,
>>>> msalter@restarea.ncsc.mil
>>>> Pages: 34
>>>> Characters: 75993
>>>> Updates/Obsoletes/SeeAlso: None
>>>>
>>>> I-D Tag: draft-mcgrew-fundamental-ecc-04.txt
>>>>
>>>> URL: http://www.rfc-editor.org/rfc/rfc6090.txt
>>>>
>>>> This note describes the fundamental algorithms of Elliptic Curve
>>>> Cryptography (ECC) as they were defined in some seminal references
>>>> from 1994 and earlier. These descriptions may be useful for
>>>> implementing the fundamental algorithms without using any of the
>>>> specialized methods that were developed in following years. Only
>>>> elliptic curves defined over fields of characteristic greater than
>>>> three are in scope; these curves are those used in Suite B.
>>>> This document is not an Internet Standards Track specification; it is
>>>> published for informational purposes.
>>>>
>>>>
>>>> INFORMATIONAL: This memo provides information for the Internet
>>>> community.
>>>> It does not specify an Internet standard of any kind. Distribution of
>>>> this memo is unlimited.



From mcgrew@cisco.com  Fri Feb 11 03:15:03 2011
Return-Path: <mcgrew@cisco.com>
X-Original-To: saag@core3.amsl.com
Delivered-To: saag@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BDC2D3A68DB for <saag@core3.amsl.com>; Fri, 11 Feb 2011 03:15:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.599
X-Spam-Level: 
X-Spam-Status: No, score=-110.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1QRRsGk77HMs for <saag@core3.amsl.com>; Fri, 11 Feb 2011 03:15:02 -0800 (PST)
Received: from sj-iport-5.cisco.com (sj-iport-5.cisco.com [171.68.10.87]) by core3.amsl.com (Postfix) with ESMTP id A06EC3A6892 for <saag@ietf.org>; Fri, 11 Feb 2011 03:15:02 -0800 (PST)
Authentication-Results: sj-iport-5.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AvsEANKoVE2rR7Ht/2dsb2JhbACldXOgHJs5hVwEhQGGew
X-IronPort-AV: E=Sophos;i="4.60,454,1291593600"; d="scan'208";a="328342688"
Received: from sj-core-1.cisco.com ([171.71.177.237]) by sj-iport-5.cisco.com with ESMTP; 11 Feb 2011 11:15:16 +0000
Received: from stealth-10-32-254-211.cisco.com (stealth-10-32-254-211.cisco.com [10.32.254.211]) by sj-core-1.cisco.com (8.13.8/8.14.3) with ESMTP id p1BBFFVG021848; Fri, 11 Feb 2011 11:15:15 GMT
From: David McGrew <mcgrew@cisco.com>
To: Dan Harkins <dharkins@lounge.org>, Robert Moskowitz <rgm-sec@htt-consult.com>
In-Reply-To: <2986b7a21846e8c14810568e85a6c7f6.squirrel@www.trepanning.net>
X-Priority: 3 (Normal)
References: <4D4ABDBE.1040409@vpnc.org> <4D5450AE.5080205@htt-consult.com> <acb6b7234dd5cb1326fdc2a28324b195.squirrel@www.trepanning.net> <4D54BC4A.8060202@htt-consult.com> <2986b7a21846e8c14810568e85a6c7f6.squirrel@www.trepanning.net>
Message-Id: <7F4D9DFA-C04F-456E-A51E-D048B4C89500@cisco.com>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v936)
Date: Fri, 11 Feb 2011 03:15:13 -0800
X-Mailer: Apple Mail (2.936)
Cc: saag@ietf.org
Subject: Re: [saag] Fwd: RFC 6090 on Fundamental Elliptic Curve Cryptography Algorithms
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Feb 2011 11:15:03 -0000

Hi Dan and Robert,

On Feb 10, 2011, at 11:37 PM, Dan Harkins wrote:

>
>
> On Thu, February 10, 2011 8:34 pm, Robert Moskowitz wrote:
>> On 02/10/2011 07:21 PM, Dan Harkins wrote:
>>>   OpenSSL has supported EC since version 0.9.8.
>>
>> I am aware of that, but what algorithm(s) does it use?  The ones in 6090
>> or something else?  Where is it documented what underlying algorithm it
>> uses for ECDSA and ECDH?
>
>  The underlying algorithms _are_ ECDSA and ECDH. If you're asking
> whether the algorithms are strictly "fundamental" (in the sense of 6090)
> or whether they stray off into problematic areas then you'll have to
> arrive at that conclusion yourself. But a compliant implementation of
> RFC 6090-specified ECDSA and ECDH will interoperate with OpenSSL.
>

Right.  Also, the OpenSSL ECC implementation contributed by Sun
contains a lot of ECC that is out of scope for RFC6090, such as
different curves and representations.

David



From deengert@anl.gov  Fri Feb 11 09:09:26 2011
Return-Path: <deengert@anl.gov>
X-Original-To: saag@core3.amsl.com
Delivered-To: saag@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AEDF23A69CB for <saag@core3.amsl.com>; Fri, 11 Feb 2011 09:09:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level: 
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ctqIgRqam96F for <saag@core3.amsl.com>; Fri, 11 Feb 2011 09:09:25 -0800 (PST)
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by core3.amsl.com (Postfix) with ESMTP id C2C333A6989 for <saag@ietf.org>; Fri, 11 Feb 2011 09:09:25 -0800 (PST)
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by localhost.anl.gov (Postfix) with ESMTP id 07D0D4C for <saag@ietf.org>; Fri, 11 Feb 2011 11:09:41 -0600 (CST)
Received: from [IPv6:::1] (atalanta.it.anl.gov [146.137.96.104]) by mailhost.anl.gov (Postfix) with ESMTP id F31F72D for <saag@ietf.org>; Fri, 11 Feb 2011 11:09:40 -0600 (CST)
Message-ID: <4D556D54.40102@anl.gov>
Date: Fri, 11 Feb 2011 11:09:40 -0600
From: "Douglas E. Engert" <deengert@anl.gov>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101207 Lightning/1.0b2 Thunderbird/3.1.7
MIME-Version: 1.0
To: saag@ietf.org
References: <4D4ABDBE.1040409@vpnc.org> <4D5450AE.5080205@htt-consult.com> <acb6b7234dd5cb1326fdc2a28324b195.squirrel@www.trepanning.net>
In-Reply-To: <acb6b7234dd5cb1326fdc2a28324b195.squirrel@www.trepanning.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [saag] Fwd: RFC 6090 on Fundamental Elliptic Curve Cryptography Algorithms
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Feb 2011 17:09:26 -0000

On 2/10/2011 6:21 PM, Dan Harkins wrote:
>
>    OpenSSL has supported EC since version 0.9.8.

NSS has support, but it is #ifdef'ed out.
Windows 7 and 2008 have ECC support.
Some smart cards, like Oberthur id-one, have ECC.
OpenSC has some ECDSA (but not ECDH yet).


-- 

  Douglas E. Engert  <DEEngert@anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444

From turners@ieca.com  Sun Feb 13 07:35:16 2011
Return-Path: <turners@ieca.com>
X-Original-To: saag@core3.amsl.com
Delivered-To: saag@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D5ACC3A69EB for <saag@core3.amsl.com>; Sun, 13 Feb 2011 07:35:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.457
X-Spam-Level: 
X-Spam-Status: No, score=-102.457 tagged_above=-999 required=5 tests=[AWL=0.141, BAYES_00=-2.599, UNPARSEABLE_RELAY=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ir7e7gbukO2x for <saag@core3.amsl.com>; Sun, 13 Feb 2011 07:35:15 -0800 (PST)
Received: from nm2-vm0.bullet.mail.sp2.yahoo.com (nm2-vm0.bullet.mail.sp2.yahoo.com [98.139.91.248]) by core3.amsl.com (Postfix) with SMTP id C5A963A69AB for <saag@ietf.org>; Sun, 13 Feb 2011 07:35:15 -0800 (PST)
Received: from [98.139.91.67] by nm2.bullet.mail.sp2.yahoo.com with NNFMP; 13 Feb 2011 15:35:33 -0000
Received: from [98.139.91.46] by tm7.bullet.mail.sp2.yahoo.com with NNFMP; 13 Feb 2011 15:35:33 -0000
Received: from [127.0.0.1] by omp1046.mail.sp2.yahoo.com with NNFMP; 13 Feb 2011 15:35:33 -0000
X-Yahoo-Newman-Id: 616463.46605.bm@omp1046.mail.sp2.yahoo.com
Received: (qmail 6913 invoked from network); 13 Feb 2011 15:35:33 -0000
Received: from thunderfish.local (turners@96.241.3.251 with plain) by smtp113.biz.mail.sp1.yahoo.com with SMTP; 13 Feb 2011 07:35:33 -0800 PST
X-Yahoo-SMTP: ZrP3VLSswBDL75pF8ymZHDSu9B.vcMfDPgLJ
X-YMail-OSG: lqiaZUwVM1n9xBEqNorr2uLXmC3mbZ39Z9bHyL6Ncih.flz clasNQFV55CtnQTHwT4pyBlE3Ah0B6UC92MTutBjJujk8._ZMdLWHq.5CYAu aB_2kXRPu4dtFs6SfSKlTlCIqsCSqWghs7ZX4Dh9kfWjp2B6TK1J.joCTv6w 0IVM8ilwOBrzIyw.89NGKx0k9qHNfPYvwxnqTs1M5aniPl.oZiZcuESBY.fr lh7Mn0Y6zknR5H1WQpGR4Fkuf26l6rfRKINmmfzCQvIAw5d5bQVe1C8ngrD0 fPxBbP3VjgDjz37wL1R4rUifSjM_xlHDpuaE-
X-Yahoo-Newman-Property: ymail-3
Message-ID: <4D57FA44.7070602@ieca.com>
Date: Sun, 13 Feb 2011 10:35:32 -0500
From: Sean Turner <turners@ieca.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101207 Lightning/1.0b2 Thunderbird/3.1.7
MIME-Version: 1.0
To: saag@ietf.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [saag] Fwd: NIST releases Draft FIPS 180-4, Secure Hash Standard (SHS)
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Feb 2011 15:35:17 -0000

-------- Original Message --------
Subject: 	NIST releases Draft FIPS 180-4, Secure Hash Standard (SHS)
Date: 	Fri, 11 Feb 2011 12:10:20 -0500

NIST announces the release of Draft Federal Information Processing
Standard (FIPS) 180-4, Secure Hash Standard (SHS).
<http://csrc.nist.gov/publications/drafts/fips180-4/Draft-FIPS180-4_Feb2011.pdf>

Draft FIPS 180-4 is a proposed revision of FIPS 180-3. Draft FIPS 180-4 adds a
general procedure for creating an initialization hash value and two
additional secure hash algorithms: SHA-512/224 and SHA-512/256, and
removes a requirement that padding must be done before hash computation
begins. SHA-512/224 and SHA-512/256 may be more efficient alternatives
to SHA-224 and SHA-256, respectively, on platforms that are optimized
for 64-bit operations. Removing the restriction on the padding operation
in the secure hash algorithms will potentially create more flexibility
and efficiency in implementing the secure hash algorithms in many
computer network applications. The Federal Register Notice (FRN) of this
publication is located here:
<http://csrc.nist.gov/publications/drafts/fips180-4/FRN_Draft-FIPS180-4.pdf>

Examples of the implementation of the secure hash algorithms SHA-1,
SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256, can be
found at http://www.nist.gov/CryptoToolkitExamples.


From dbrown@certicom.com  Sun Feb 13 11:13:50 2011
Return-Path: <dbrown@certicom.com>
X-Original-To: saag@core3.amsl.com
Delivered-To: saag@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 890E13A6AB8 for <saag@core3.amsl.com>; Sun, 13 Feb 2011 11:13:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.203
X-Spam-Level: 
X-Spam-Status: No, score=-5.203 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OyP-2Y0l00Hh for <saag@core3.amsl.com>; Sun, 13 Feb 2011 11:13:49 -0800 (PST)
Received: from mhs03ykf.rim.net (mhs03ykf.rim.net [216.9.243.80]) by core3.amsl.com (Postfix) with ESMTP id B347D3A6A19 for <saag@ietf.org>; Sun, 13 Feb 2011 11:13:48 -0800 (PST)
X-AuditID: 0a401fcb-b7beaae000000a79-eb-4d582d8092cc
Received: from XHT101CNC.rim.net ( [10.65.12.214]) by mhs03ykf.rim.net (RIM Mail) with SMTP id C3.CD.02681.08D285D4; Sun, 13 Feb 2011 14:14:08 -0500 (EST)
Received: from XCH117CNC.rim.net ([fe80::b8df:541f:9d85:9909]) by XHT101CNC.rim.net ([fe80::cd26:db3b:81e6:46eb%11]) with mapi; Sun, 13 Feb 2011 14:14:08 -0500
From: Dan Brown <dbrown@certicom.com>
To: "turners@ieca.com" <turners@ieca.com>, "saag@ietf.org" <saag@ietf.org>
Date: Sun, 13 Feb 2011 14:14:05 -0500
Thread-Topic: [saag] Fwd: NIST releases Draft FIPS 180-4,	Secure Hash Standard (SHS)
Thread-Index: AcvLk6wtt/RpVd7vTSi+AtYEa80ydwAHoJej
Message-ID: <D8DB0F308C10F349BE8FADE31B9A809F052E4227@XCH117CNC.rim.net>
In-Reply-To: <4D57FA44.7070602@ieca.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="iso-8859-1"
content-transfer-encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: AAAAAgAAAZEXZiWD
Subject: Re: [saag] Fwd: NIST releases Draft FIPS 180-4, Secure Hash Standard (SHS)
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Feb 2011 19:13:50 -0000

Would IETF, especially PKIX and CMS, like new OIDs for algorithms that might
use the new hashes, such as ECDSA?




From mnot@mnot.net  Tue Jan 25 17:45:16 2011
Return-Path: <mnot@mnot.net>
X-Original-To: saag@core3.amsl.com
Delivered-To: saag@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CE3F73A690B; Tue, 25 Jan 2011 17:45:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.581
X-Spam-Level: 
X-Spam-Status: No, score=-104.581 tagged_above=-999 required=5 tests=[AWL=-1.982, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zY5lqzeUwGT7; Tue, 25 Jan 2011 17:45:15 -0800 (PST)
Received: from mxout-08.mxes.net (mxout-08.mxes.net [216.86.168.183]) by core3.amsl.com (Postfix) with ESMTP id B3F213A68CC; Tue, 25 Jan 2011 17:45:15 -0800 (PST)
Received: from chancetrain-lm.mnot.net (unknown [118.209.1.128]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id E7B82509D9; Tue, 25 Jan 2011 20:48:05 -0500 (EST)
Mime-Version: 1.0 (Apple Message framework v1082)
Content-Type: text/plain; charset=us-ascii
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <AANLkTi=9Uqk0bCt1k+gux6n3H9xU-br3nz5gnL6p-wdP@mail.gmail.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <720CBD0F-C714-4D39-85A8-30304E27F24E@mnot.net>
References: <4D2A239C.6040801@extendedsubset.com> <E1PdZLM-0001Nu-MT@login01.fos.auckland.ac.nz> <AANLkTi=9Uqk0bCt1k+gux6n3H9xU-br3nz5gnL6p-wdP@mail.gmail.com>
To: Ben Laurie <benl@google.com>
X-Mailer: Apple Mail (2.1082)
X-Mailman-Approved-At: Mon, 14 Feb 2011 09:37:06 -0800
Cc: apps-discuss@ietf.org, dwm@xpasc.com, websec@ietf.org, marsh@extendedsubset.com, kitten@ietf.org, zedshaw@zedshaw.com, http-auth@ietf.org, ietf-http-wg@w3.org, romeda@gmail.com, hallam@gmail.com, saag@ietf.org
Subject: Re: [saag] [websec] [apps-discuss] [kitten] HTTP authentication: the next generation
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
Date: Wed, 26 Jan 2011 01:45:17 -0000
X-Original-Date: Wed, 26 Jan 2011 12:47:59 +1100
X-List-Received-Date: Wed, 26 Jan 2011 01:45:17 -0000

While this thread is doubtless interesting to those on the various lists
in the CC line, it's getting a bit verbose.

Perhaps discussion could be consolidated on the http-auth@ietf.org list?

Regards,

--
Mark Nottingham   http://www.mnot.net/




From jon@callas.org  Mon Feb 14 12:24:20 2011
Return-Path: <jon@callas.org>
X-Original-To: saag@core3.amsl.com
Delivered-To: saag@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 29ECD3A6C51 for <saag@core3.amsl.com>; Mon, 14 Feb 2011 12:24:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.495
X-Spam-Level: 
X-Spam-Status: No, score=-0.495 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553,  RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gSy6yCt9DhXD for <saag@core3.amsl.com>; Mon, 14 Feb 2011 12:24:19 -0800 (PST)
Received: from merrymeet.com (unknown [173.164.244.100]) by core3.amsl.com (Postfix) with ESMTP id 339453A6AD5 for <saag@ietf.org>; Mon, 14 Feb 2011 12:24:18 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by merrymeet.com (Postfix) with ESMTP id 253E12E03F; Mon, 14 Feb 2011 12:25:57 -0800 (PST)
Received: from merrymeet.com ([127.0.0.1]) by localhost (host.domain.tld [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 87594-06; Mon, 14 Feb 2011 12:25:52 -0800 (PST)
Received: from keys.merrymeet.com (keys.merrymeet.com [173.164.244.97]) (Authenticated sender: jon) by merrymeet.com (Postfix) with ESMTPA id ED5152E00B; Mon, 14 Feb 2011 12:25:52 -0800 (PST)
Received: from [17.193.14.24] ([17.193.14.24]) by keys.merrymeet.com (PGP Universal service); Mon, 14 Feb 2011 12:24:38 -0800
X-PGP-Universal: processed; by keys.merrymeet.com on Mon, 14 Feb 2011 12:24:38 -0800
Mime-Version: 1.0 (Apple Message framework v1082)
From: Jon Callas <jon@callas.org>
In-Reply-To: <D8DB0F308C10F349BE8FADE31B9A809F052E4227@XCH117CNC.rim.net>
Date: Mon, 14 Feb 2011 12:24:36 -0800
Message-Id: <10A79B1D-D0E8-40C6-B32C-58870BD4B34A@callas.org>
References: <D8DB0F308C10F349BE8FADE31B9A809F052E4227@XCH117CNC.rim.net>
To: Dan Brown <dbrown@certicom.com>
X-Mailer: Apple Mail (2.1082)
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: Maia Mailguard
Cc: saag@ietf.org
Subject: Re: [saag] Fwd: NIST releases Draft FIPS 180-4, Secure Hash Standard (SHS)
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Feb 2011 20:24:20 -0000

On Feb 13, 2011, at 11:14 AM, Dan Brown wrote:

> Would IETF, especially PKIX and CMS, like new OIDs for algorithms that
> might use the new hashes, such as ECDSA?

Is there a reason that the OIDs supplied here:

<http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html>

are insufficient? It's what we've been using before, with just a new 5
and 6 for the two new hashes.

	Jon


From dbrown@certicom.com  Mon Feb 14 13:12:02 2011
Return-Path: <dbrown@certicom.com>
X-Original-To: saag@core3.amsl.com
Delivered-To: saag@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6B7C33A6D46 for <saag@core3.amsl.com>; Mon, 14 Feb 2011 13:12:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.203
X-Spam-Level: 
X-Spam-Status: No, score=-5.203 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u7TDNSRh+Jqs for <saag@core3.amsl.com>; Mon, 14 Feb 2011 13:12:01 -0800 (PST)
Received: from mhs03ykf.rim.net (mhs03ykf.rim.net [216.9.243.80]) by core3.amsl.com (Postfix) with ESMTP id 1B3CD3A67DF for <saag@ietf.org>; Mon, 14 Feb 2011 13:12:00 -0800 (PST)
X-AuditID: 0a401fcb-b7beaae000000a79-d5-4d599ab7826b
Received: from XHT104CNC.rim.net ( [10.65.22.52]) by mhs03ykf.rim.net (RIM Mail) with SMTP id 26.A2.02681.7BA995D4; Mon, 14 Feb 2011 16:12:23 -0500 (EST)
Received: from XCH117CNC.rim.net ([fe80::b8df:541f:9d85:9909]) by XHT104CNC.rim.net ([fe80::9520:36d8:1c40:a506%11]) with mapi; Mon, 14 Feb 2011 16:12:23 -0500
From: Dan Brown <dbrown@certicom.com>
To: 'Jon Callas' <jon@callas.org>
Date: Mon, 14 Feb 2011 16:12:22 -0500
Thread-Topic: [saag] Fwd: NIST releases Draft FIPS 180-4, Secure Hash Standard (SHS)
Thread-Index: AcvMhTk+Qd/XfTTrQ8am2v2AdaISjAABPteA
Message-ID: <D8DB0F308C10F349BE8FADE31B9A809F052E422C@XCH117CNC.rim.net>
References: <D8DB0F308C10F349BE8FADE31B9A809F052E4227@XCH117CNC.rim.net> <10A79B1D-D0E8-40C6-B32C-58870BD4B34A@callas.org>
In-Reply-To: <10A79B1D-D0E8-40C6-B32C-58870BD4B34A@callas.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
content-transfer-encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: AAAAAgAAAZEXZiWD
Cc: "saag@ietf.org" <saag@ietf.org>
Subject: Re: [saag] Fwd: NIST releases Draft FIPS 180-4, Secure Hash Standard (SHS)
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Feb 2011 21:12:02 -0000

> -----Original Message-----
> From: Jon Callas [mailto:jon@callas.org]
> Sent: Monday, February 14, 2011 3:25 PM
> 
> > Would IETF, especially PKIX and CMS, like new OIDs for algorithms
> that might use the new hashes, such as ECDSA?
> 
> Is there a reason that the OIDs supplied here:
> 
> <http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html>
> 
> are insufficient? It's what we've been using before, with just a new 5
> and 6 for the two new hashes.

PKIX, RFC 5480, used individual OIDs for ecdsa-with-SHA1, ecdsa-with-SHA256,
etc., which are defined under the ANSI X9.62 arc.

ANSI X9.62 also has an OID ECDSA-with-Specified, allowing the hash to be
specified in the parameters field of an algorithm identifier, which would
allow for the NIST hash OIDs to be used easily, albeit at the expense of
two OIDs instead of one.

Also, some RFCs, e.g. 4055 Section 2.1, might need minor updating to allow
use of the new NIST OIDs.

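The two AlgorithmIdentifier styles compared in the message above, DER-encoded side by side, as an added example that is not part of the original thread. The numeric OID values are taken from the ANSI X9.62 and NIST CSOR registries rather than from the thread, the function names are hypothetical, and the inner hash AlgorithmIdentifier is assumed to omit its own parameters.

```python
ECDSA_WITH_SHA256 = "1.2.840.10045.4.3.2"   # dedicated OID on the ANSI X9.62 arc (RFC 5480)
ECDSA_WITH_SPECIFIED = "1.2.840.10045.4.3"  # hash is named in the parameters field
NIST_HASH_ARC = "2.16.840.1.101.3.4.2"      # NIST hash arc; .5 and .6 are the new hashes

def tlv(tag, content):
    if len(content) >= 0x80:
        raise ValueError("short-form DER lengths only; enough for these structures")
    return bytes([tag, len(content)]) + content

def der_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray()
    for v in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [v & 0x7F]              # base-128, high bit set on all but the last byte
        while v := v >> 7:
            chunk.append(0x80 | (v & 0x7F))
        out += bytes(reversed(chunk))
    return tlv(0x06, bytes(out))

def alg_id(oid, params=b""):
    return tlv(0x30, der_oid(oid) + params)   # SEQUENCE { algorithm, parameters }

def ecdsa_specified(hash_index):
    # Assumption: the inner hash AlgorithmIdentifier carries no parameters.
    return alg_id(ECDSA_WITH_SPECIFIED, alg_id(f"{NIST_HASH_ARC}.{hash_index}"))

def read_tlv(buf, pos=0):
    tag, n = buf[pos], buf[pos + 1]
    if n >= 0x80:
        raise ValueError("short-form DER lengths only; enough for these structures")
    return tag, buf[pos + 2:pos + 2 + n], pos + 2 + n

def oid_str(content):
    vals, v = [], 0
    for b in content:
        v = (v << 7) | (b & 0x7F)
        if not b & 0x80:
            vals, v = vals + [v], 0
    first = min(vals[0] // 40, 2)
    return ".".join(map(str, [first, vals[0] - 40 * first] + vals[1:]))

def oids_in(alg_der):
    """(signature OID, hash OID or None) that a verifier has to recognise."""
    _, seq, _ = read_tlv(alg_der)
    _, sig, pos = read_tlv(seq)
    if pos == len(seq):
        return oid_str(sig), None             # dedicated style: one OID says it all
    _, inner, _ = read_tlv(seq, pos)
    return oid_str(sig), oid_str(read_tlv(inner)[1])
```

With the dedicated OID the whole identifier is 12 bytes and one registry lookup; the ECDSA-with-Specified form is 24 bytes and the verifier must resolve both the signature OID and the hash OID in the parameters.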
