Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of bluematt.me
	designates 192.241.179.72 as permitted sender)
	client-ip=192.241.179.72; envelope-from=bitcoin-list@bluematt.me;
	helo=mail.bluematt.me; 
Message-ID: <543C097D.7060308@bluematt.me>
Date: Mon, 13 Oct 2014 17:18:53 +0000
From: Matt Corallo <bitcoin-list@bluematt.me>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:31.0) Gecko/20100101 Thunderbird/31.0
MIME-Version: 1.0
To: bitcoin-development@lists.sourceforge.net
References: <bug-24444-7046@http.www.w3.org/Bugs/Public/>	<bug-24444-7046-xvP1kb2tHS@http.www.w3.org/Bugs/Public/>
	<CAKaEYhJPFoaSzPuGH80u3y6XoYCOpeQ0=3qote3jdwNVegoiVQ@mail.gmail.com>
In-Reply-To: <CAKaEYhJPFoaSzPuGH80u3y6XoYCOpeQ0=3qote3jdwNVegoiVQ@mail.gmail.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Subject: Re: [Bitcoin-development] Fwd: [Bug 24444] Named Curve Registry
 (adding secp256k1)
Precedence: list

See-also: this related bug on Curve25519 and some MS Research curves
that generated far more discussion.

https://www.w3.org/Bugs/Public/show_bug.cgi?id=25839

Matt

On 10/13/14 10:01, Melvin Carvalho wrote:
> FYI:
> 
> This is an issue I filed related to adding secp256k1 into Web Crypto API
> which will be implemented natively in (some) web browsers.
> 
> If there is any feedback from crypto implementers, please feel free to
> add comments to this thread:
> https://www.w3.org/Bugs/Public/show_bug.cgi?id=24444
> 
> ---------- Forwarded message ----------
> From: ** <bugzilla@jessica.w3.org <mailto:bugzilla@jessica.w3.org>>
> Date: 13 October 2014 09:18
> Subject: [Bug 24444] Named Curve Registry (adding secp256k1)
> To: melvincarvalho@gmail.com <mailto:melvincarvalho@gmail.com>
> 
> 
> https://www.w3.org/Bugs/Public/show_bug.cgi?id=24444
> 
> Myron Davis <myrond@gmail.com <mailto:myrond@gmail.com>> changed:
> 
>            What    |Removed                     |Added
> ----------------------------------------------------------------------------
>              Status|RESOLVED                    |REOPENED
>                  CC|                            |myrond@gmail.com
> <mailto:myrond@gmail.com>
>          Resolution|NEEDSINFO                   |---
> 
> --- Comment #2 from Myron Davis <myrond@gmail.com
> <mailto:myrond@gmail.com>> ---
> Could this be looked at again?
> 
> Last response was waiting for feedback from crypto implementors.
> 
> Currently secp256k1 is supported in the following SSL/TLS libraries now
> Botan
> NSS
> openssl
> LibreSSL
> PolarSSL
> JSSE
> 
> The three other curves are all all have parameters which do not define
> how they
> were generated.  secp256k1 curve has some great advantages in faster
> signature
> verification and how the values were determined for the curve.  (i.e. not
> random).
> 
> http://www.ietf.org/rfc/rfc4492
> 
> The curve has had a lot of eyes on it with lots of hardware and software
> supporting this curve.
> 
> With discovery of backdoor's in NIST's random number generator
> (https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html ) I
> would
> like to see a determined parameter curve instead of a "random" curve option.
> 
> Thanks
> 
> --
> You are receiving this mail because:
> You reported the bug.
> 
> 
> 
> ------------------------------------------------------------------------------
> Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
> Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
> Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
> Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
> http://p.sf.net/sfu/Zoho
> 
> 
> 
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>