On 10/16/2013 11:03 PM, Daniel Kahn Gillmor wrote:
On 09/30/2013 08:46 AM, Nikos Mavrogiannopoulos wrote:
There has lately been an attempt to avoid NIST's curves due to suspicions about their generation. One of them is the brainpool curves at: http://tools.ietf.org/html/rfc5639, which seem to be sponsored by the German BSI. Having them in nettle would be a good thing (the same authors are working on standardizing these curves in TLS and PKIX).
Similarly, an implementation of Curve25519 [0] would probably also be useful to have in the library, as it is also under active discussion in several contexts.
[reviving old thread]
It seems it is being pushed forward and openssh even uses it by default now. There are implementations like [0] that nettle could take advantage of to use that curve, but what I'm worried about is that the current interfaces to use this curve provide no agility. If any issue is found, replacing it isn't straightforward.
regards, Nikos