Liaison statement
Additional Curves

State Posted
Posted Date 2015-03-11
From Group SEC
From Contact Mark Nottingham
To Group W3C
To Contacts hhalpin@w3.org
CcMark Nottingham
Stephen Farrell
Kathleen Moriarty
The IETF Chair
cfrg-chairs@tools.ietf.org
lars@eggert.org
tls-chairs@tools.ietf.org
wseltzer@w3.org
plh@w3.org
Purpose For information
Attachments (None)
Body
To whom it may concern,

Harry Halpin from W3C has indicated [1] that it may be
useful to send a status report about the work on additional
elliptic curves that is being done in the IETF and IRTF.

The IETF TLS WG has asked for assistance from the IRTF
CFRG in the selection of some additional elliptic curves
with advantageous properties for use in TLS. It is highly
likely that other IETF work will re-use those curves when
they are adopted for use in TLS. The TLS WG has previously
gotten similar advice from CFRG in relation to e.g. the
chacha algorithm, so this is not an uncommon process in
the IETF context.

To date, CFRG has reached consensus on two curves at
different security levels; one of them is currently
documented in [2]. Additional work is still required to
specify cryptographic algorithms using these curves; this
work is on-going in CFRG.

We would be happy to see W3C work with the IETF and CFRG
as this work proceeds to ensure that WebCrypto and TLS
expose the same curves and, insofar as possible, the same
algorithms.

Regards,
Stephen Farrell & Kathleen Moriarty
(Security area directors)

[1] https://www.ietf.org/mail-archive/web/cfrg/current/msg06424.html
[2] https://datatracker.ietf.org/doc/draft-irtf-cfrg-curves/