[rfc-editor at rfc-editor.org] RFC 6637 on Elliptic Curve Cryptography (ECC) in OpenPGP

[Matthias-Christian Ott]

On 2012-06-12 09:41, Werner Koch wrote:
> On Tue, 12 Jun 2012 07:58, ott at mirix.org said:
>> Apparently the Brainpool curves didn't make into the standard. You wrote
>> (<8739bo51de.fsf at vigenere.g10code.de>) that you prefer them and that
>> GnuPG is going to support them. Is that still the plan? If so, are they
> 
> They are not excluded from the standard.  The standard defines two
> things:
> 
> a) An OpenPGP protocol extension.
> b) Two profiles for that extension.
> 
> It is easy to support other curves and thus create a de-facto standard.

If I understand it correctly, it's just a matter of inserting the
Brainpool OIDs and using the respective parameters.

> Given the mystery-mongering of German and US governmental IT security
> bodies I didn't wanted to take either side.  Thus I did not pursuit to
> have Brainpool listed as another profile.  Or a Japanese, Russian, or
> Chinese one.  If someone want that, they are free to work on another RFC
> to add their profile to rfc6637.  This is the same as the addition of
> the Camellia cipher to OpenPGP.  Why should I spend my own unpaid time
> on such a thing; I am anyway on the rocks.

You should at least have another specification other than the source
code for interoperability purposes (not that there are other significant
OpenPGP implementations, but perhaps in the future).

> Adding Brainpool to GPG is still a good idea and I would like to prepare
> that.  It is not that complicated and could go hand in hand with some
> little code restructuring needed anyway.  The question is about GPG's
> interface: I am thinking of an extra prompt before asking for the size
> of the curve:
> 
>    Please select the type of curve:
>     1) OpenPGP  (default)
>     2) SuiteB
>     3) Brainpool
>    Your selection?

That seems consistent with the rest of the user interface.

Regards,
Matthias-Christian