Christoph Anton Mitterer cam at
Mon Oct 31 16:36:52 CET 2005

Werner Koch wrote:

>>I know that, of course, but I think that perhaps we'll have no ECC the 
>>next 10 years or so,.. if noone makes the step,...
Uhm,.. I probably have not that detailed knowlegde as you,... but when 
I've read the comparisions of cryptographical strength it seemed that 
ECC with very smaller key sizes is as strong as RSA/ElGamal with bigger 
key sizes,... doesn't this lead to the conclusion that ECC is an 
superior algorithm and should be used in favour?

>There is no reason for ECC.  Even chip cards are getting powerful
>enough not to need ECC for cost reasons.  There is also the problem
>with US patents on many curves and essential implementation details.
Uhm,... yes patents are always a big problem,...
Do you remember when, I think it was BBC, claimed they had a patent in 
the US which would cover hyperlinks? Should the the world stop using 
knowledge just because someone in the US patented it?

>OTOH, there seems to be a move in the NSIS to go for ECC for longer
>DSA key sizes; this is due to decision on the new DSA key sizes.  So
>there might be a change in some time.
Yes,.. I've read about that. And my new key is a RSA-S/ElGamal key,.. so 
I probably won't have that DSA/DSS problem :-) .

>>btw: If GnuPG would implement ECC and add it unofficially to OpenPGP it 
>>could be done in such a way, that it is compatible with the ideas and 
>Standards are a Good Thing and it is the politic of the GNU project
>to comply with reasonable standards as long as there are no technical
>reasons to to some thin else.
Yes of course, I indeed love standards,.. but I meant the OpenSource 
community around GnuPG could _create_ such a standard.
Look at XMPP (jabber),.. it works... :-)

>>As you can see, lots of todays standards startet as one-man-application, 
>>e.g. OpenPGP (from PGP/RSA Inc.), JavaScript->ECMAScript (from 
>OpenPGP has nothing to do with RSA Inc.
Uhm sorry,.. *g* I meant PKCS 1 to somewhere.

>Try asking Phil about RSA
>Inc. and you will soon see why.  The OpenPGP WG has been founded out
>of an initiative by Phil Zimmermann and Jon Callas at the 1997 Munich
>IETF with the aim to keep PGP alive even if their new company would
It was in "my" city?? I didn't know that :-)

>>So if GnuPG would (pseudo-officially) implement that now,.. it could be 
>>the first compliant application later :-)
>No, we will however add some ECC support into Libgcrypt as time
What about using that uhm,.. libecc (

Best wishes,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cam.vcf
Type: text/x-vcard
Size: 449 bytes
Desc: not available
Url : /pipermail/attachments/20051031/da9cc2aa/cam.vcf

More information about the Gnupg-users mailing list