[Servercert-wg] [Ext] [cabfpub] Interest in Ed25519 and/or Ed448?

Paul Hoffman paul.hoffman at icann.org
Fri Dec 21 10:16:48 MST 2018


On Dec 21, 2018, at 8:42 AM, Phillip via Servercert-wg <servercert-wg at cabforum.org> wrote:
> 
> One major concern I have in any standards process covering multiple bodies is to avoid a standards deadlock condition in which each group is waiting for another to act.
>  
> As far as CABForum is concerned, the existence of FIPS qualified hardware should be irrelevant to passing a BR. If we want FIPS hardware, we say it is a requirement in the BR.
>  
> If we wait for the hardware manufacturers to deploy, they will wait for us and so on ad infinitum. We have a circle of ungranted requests. The way I see this process working is:
>  
> 	1. IRTF-CFRG examines, reviews and specifies algorithms
> 	2. IETF-TLS specifies code points for use in TLS
> 	3. CABForum approves use in WebPKI certificates
> 	4. Vendors deploy
>  
> Each step in the process can only wait on lower numbered steps.
>  
> Here Vendors includes browser providers, CAs and HSM manufacturers. Since HSM manufacturers are not represented in CABForum, it would be especially futile to wait on them. So we make a requirement now knowing it will take them some time to catch up. In the meantime, browsers can start writing and testing code.

Kind of wearing my ICANN hat, I want to strongly agree with what Phill says above about the HSM vendors. We talk to HSM vendors often because many DNSSEC signers use HSMs (as do we for the DNS root), and we get questions about their support for ECDSA and EdDSA a fair amount. We get wildly inconsistent responses from the HSM vendors, but the theme is more often "show us the demand" than "we're waiting on FIPS".

For what it is worth in this conversation, five ccTLDs in the DNS root are currently signing with ECDSA, and two of them have said publicly that they intend to start signing with EdDSA in the next few years.

--Paul Hoffman