[rfc-editor at rfc-editor.org] RFC 6637 on Elliptic Curve Cryptography (ECC) in OpenPGP
Werner Koch
wk at gnupg.org
Tue Jun 12 09:41:06 CEST 2012
On Tue, 12 Jun 2012 07:58, ott at mirix.org said:
> Apparently the Brainpool curves didn't make into the standard. You wrote
> (<8739bo51de.fsf at vigenere.g10code.de>) that you prefer them and that
> GnuPG is going to support them. Is that still the plan? If so, are they
They are not excluded from the standard. The standard defines two
things:
a) An OpenPGP protocol extension.
b) Two profiles for that extension.
It is easy to support other curves and thus create a de-facto standard.
Given the mystery-mongering of German and US governmental IT security
bodies I didn't wanted to take either side. Thus I did not pursuit to
have Brainpool listed as another profile. Or a Japanese, Russian, or
Chinese one. If someone want that, they are free to work on another RFC
to add their profile to rfc6637. This is the same as the addition of
the Camellia cipher to OpenPGP. Why should I spend my own unpaid time
on such a thing; I am anyway on the rocks.
Adding Brainpool to GPG is still a good idea and I would like to prepare
that. It is not that complicated and could go hand in hand with some
little code restructuring needed anyway. The question is about GPG's
interface: I am thinking of an extra prompt before asking for the size
of the curve:
Please select the type of curve:
1) OpenPGP (default)
2) SuiteB
3) Brainpool
Your selection?
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-devel
mailing list