1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <melvincarvalho@gmail.com>) id 1XdcRq-0005AM-QK
for bitcoin-development@lists.sourceforge.net;
Mon, 13 Oct 2014 10:01:50 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.217.172 as permitted sender)
client-ip=209.85.217.172; envelope-from=melvincarvalho@gmail.com;
helo=mail-lb0-f172.google.com;
Received: from mail-lb0-f172.google.com ([209.85.217.172])
by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1XdcRo-0006ir-G2
for bitcoin-development@lists.sourceforge.net;
Mon, 13 Oct 2014 10:01:50 +0000
Received: by mail-lb0-f172.google.com with SMTP id b6so6154025lbj.31
for <bitcoin-development@lists.sourceforge.net>;
Mon, 13 Oct 2014 03:01:41 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.112.164.203 with SMTP id ys11mr2286313lbb.83.1413194497349;
Mon, 13 Oct 2014 03:01:37 -0700 (PDT)
Received: by 10.112.63.202 with HTTP; Mon, 13 Oct 2014 03:01:37 -0700 (PDT)
In-Reply-To: <bug-24444-7046-xvP1kb2tHS@http.www.w3.org/Bugs/Public/>
References: <bug-24444-7046@http.www.w3.org/Bugs/Public/>
<bug-24444-7046-xvP1kb2tHS@http.www.w3.org/Bugs/Public/>
Date: Mon, 13 Oct 2014 12:01:37 +0200
Message-ID: <CAKaEYhJPFoaSzPuGH80u3y6XoYCOpeQ0=3qote3jdwNVegoiVQ@mail.gmail.com>
From: Melvin Carvalho <melvincarvalho@gmail.com>
To: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Content-Type: multipart/alternative; boundary=001a1133be8a035ef105054afcac
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(melvincarvalho[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1XdcRo-0006ir-G2
Subject: [Bitcoin-development] Fwd: [Bug 24444] Named Curve Registry (adding
secp256k1)
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Mon, 13 Oct 2014 10:01:51 -0000
--001a1133be8a035ef105054afcac
Content-Type: text/plain; charset=UTF-8
FYI:
This is an issue I filed related to adding secp256k1 into Web Crypto API
which will be implemented natively in (some) web browsers.
If there is any feedback from crypto implementers, please feel free to add
comments to this thread:
https://www.w3.org/Bugs/Public/show_bug.cgi?id=24444
---------- Forwarded message ----------
From: <bugzilla@jessica.w3.org>
Date: 13 October 2014 09:18
Subject: [Bug 24444] Named Curve Registry (adding secp256k1)
To: melvincarvalho@gmail.com
https://www.w3.org/Bugs/Public/show_bug.cgi?id=24444
Myron Davis <myrond@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
CC| |myrond@gmail.com
Resolution|NEEDSINFO |---
--- Comment #2 from Myron Davis <myrond@gmail.com> ---
Could this be looked at again?
Last response was waiting for feedback from crypto implementors.
Currently secp256k1 is supported in the following SSL/TLS libraries now
Botan
NSS
openssl
LibreSSL
PolarSSL
JSSE
The three other curves are all all have parameters which do not define how
they
were generated. secp256k1 curve has some great advantages in faster
signature
verification and how the values were determined for the curve. (i.e. not
random).
http://www.ietf.org/rfc/rfc4492
The curve has had a lot of eyes on it with lots of hardware and software
supporting this curve.
With discovery of backdoor's in NIST's random number generator
(https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html ) I
would
like to see a determined parameter curve instead of a "random" curve option.
Thanks
--
You are receiving this mail because:
You reported the bug.
--001a1133be8a035ef105054afcac
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div><div>FYI:<br><br></div>This is an issue I filed relat=
ed to adding secp256k1 into Web Crypto API which will be implemented native=
ly in (some) web browsers.<br></div><div><br></div>If there is any feedback=
from crypto implementers, please feel free to add comments to this thread:=
<a href=3D"https://www.w3.org/Bugs/Public/show_bug.cgi?id=3D24444" target=
=3D"_blank">https://www.w3.org/Bugs/Public/show_bug.cgi?id=3D24444</a><div>=
<div><div><br><div class=3D"gmail_quote">---------- Forwarded message -----=
-----<br>From: <b class=3D"gmail_sendername"></b> <span dir=3D"ltr"><<a =
href=3D"mailto:bugzilla@jessica.w3.org">bugzilla@jessica.w3.org</a>></sp=
an><br>Date: 13 October 2014 09:18<br>Subject: [Bug 24444] Named Curve Regi=
stry (adding secp256k1)<br>To: <a href=3D"mailto:melvincarvalho@gmail.com">=
melvincarvalho@gmail.com</a><br><br><br><a href=3D"https://www.w3.org/Bugs/=
Public/show_bug.cgi?id=3D24444" target=3D"_blank">https://www.w3.org/Bugs/P=
ublic/show_bug.cgi?id=3D24444</a><br>
<br>
Myron Davis <<a href=3D"mailto:myrond@gmail.com">myrond@gmail.com</a>>=
; changed:<br>
<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0What=C2=A0 =C2=A0 |Removed=C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0|Added=
<br>
---------------------------------------------------------------------------=
-<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Status|RESOLVED=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |REOPENED<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0CC|=C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 |<a href=3D"mailto:myrond@gmail.com">myrond@gmail.com</a><br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Resolution|NEEDSINFO=C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0|---<br>
<br>
--- Comment #2 from Myron Davis <<a href=3D"mailto:myrond@gmail.com">myr=
ond@gmail.com</a>> ---<br>
Could this be looked at again?<br>
<br>
Last response was waiting for feedback from crypto implementors.<br>
<br>
Currently secp256k1 is supported in the following SSL/TLS libraries now<br>
Botan<br>
NSS<br>
openssl<br>
LibreSSL<br>
PolarSSL<br>
JSSE<br>
<br>
The three other curves are all all have parameters which do not define how =
they<br>
were generated.=C2=A0 secp256k1 curve has some great advantages in faster s=
ignature<br>
verification and how the values were determined for the curve.=C2=A0 (i.e. =
not<br>
random).<br>
<br>
<a href=3D"http://www.ietf.org/rfc/rfc4492" target=3D"_blank">http://www.ie=
tf.org/rfc/rfc4492</a><br>
<br>
The curve has had a lot of eyes on it with lots of hardware and software<br=
>
supporting this curve.<br>
<br>
With discovery of backdoor's in NIST's random number generator<br>
(<a href=3D"https://www.schneier.com/blog/archives/2007/11/the_strange_sto.=
html" target=3D"_blank">https://www.schneier.com/blog/archives/2007/11/the_=
strange_sto.html</a> ) I would<br>
like to see a determined parameter curve instead of a "random" cu=
rve option.<br>
<br>
Thanks<br>
<div class=3D""><div class=3D"h5"><br>
--<br>
You are receiving this mail because:<br>
You reported the bug.<br>
</div></div></div><br></div></div></div></div>
--001a1133be8a035ef105054afcac--
|
