Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crypto appendix - give alias names for groups #2374

Open
randomstuff opened this issue Nov 13, 2024 · 2 comments
Open

Crypto appendix - give alias names for groups #2374

randomstuff opened this issue Nov 13, 2024 · 2 comments
Assignees
@danielcuthbert
Labels
3) awaiting proposal There is some discussion in issue and reach to some results but it's not concluded with clear propos AppendixV Appendix with crypto details _5.0 - prep This needs to be addressed to prepare 5.0

Comments

@randomstuff
Copy link
Contributor

Currently the appendix names the DH groups with names such as "256-bit random ECP group". For the layperson, it may not be straightforward to map those to other names such as secp256r1, prime256v1, P-256 (they are the same, right?). It would be nice to list the different names.
@elarlang elarlang added _5.0 - prep This needs to be addressed to prepare 5.0 V6 labels Nov 14, 2024
@tghosth tghosth added the 3) awaiting proposal There is some discussion in issue and reach to some results but it's not concluded with clear propos label Nov 18, 2024
@danielcuthbert
Copy link
Collaborator

Would a layperson be doing such cryptography at this level? I hear what you are saying but I feel we are trying to make a crypto 101 here when that isn't what V6 is about

@randomstuff
Copy link
Contributor Author

randomstuff commented Nov 18, 2024
edited
Loading

The layperson:

  1. would find a list of approved groups in this appendix;
  2. would see that his application his using "ES256" which according to RFC5718 is "ECDSA using P-256 and SHA-256";
  3. would be left wondering whether P-256 is related to "256-bit random ECP group" and whether P-256 is actually approved.

Actually, #2371 currently explicitly mentions "ECDSA (P-256, P-384, P-521)" but now we have this inconsistency where the same stuff is called by two different names in the same appendix.

@tghosth tghosth added AppendixV Appendix with crypto details and removed V6 labels Nov 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@danielcuthbert danielcuthbert

Labels
3) awaiting proposal There is some discussion in issue and reach to some results but it's not concluded with clear propos AppendixV Appendix with crypto details _5.0 - prep This needs to be addressed to prepare 5.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@randomstuff @danielcuthbert @tghosth @elarlang