On Mon, 31 Oct 2005 00:51:50 +0100, Christoph Anton Mitterer said: > I know that, of course, but I think that perhaps we'll have no ECC the > next 10 years or so,.. if noone makes the step,...
There is no reason for ECC. Even chip cards are getting powerful enough not to need ECC for cost reasons. There is also the problem with US patents on many curves and essential implementation details. OTOH, there seems to be a move in the NSIS to go for ECC for longer DSA key sizes; this is due to decision on the new DSA key sizes. So there might be a change in some time. > btw: If GnuPG would implement ECC and add it unofficially to OpenPGP it > could be done in such a way, that it is compatible with the ideas and Standards are a Good Thing and it is the politic of the GNU project to comply with reasonable standards as long as there are no technical reasons to to some thin else. Proliferation of algorithms is actual a Bad Thing. We have seen that in the past: It hinders compatibility because not all implementations will go for a certain optional feature of a standard. OpenPGP is a good standard and we don't want to play evil by adding something outside of the standard. If the WG agrees on adding certain EC based algorithms we will support it. There is no rush for it and all tries in the past to add ECC have not been agreed upon. > As you can see, lots of todays standards startet as one-man-application, > e.g. OpenPGP (from PGP/RSA Inc.), JavaScript->ECMAScript (from OpenPGP has nothing to do with RSA Inc. Try asking Phil about RSA Inc. and you will soon see why. The OpenPGP WG has been founded out of an initiative by Phil Zimmermann and Jon Callas at the 1997 Munich IETF with the aim to keep PGP alive even if their new company would fail. > And in my opinion,... the algorithm/system of ECC is fixed,... of course > each standard may define things like headers or other small details No it is not. There a many things one need to agree upon. However there are some EC based algorithms which have a lot of support. > So if GnuPG would (pseudo-officially) implement that now,.. it could be > the first compliant application later :-) No, we will however add some ECC support into Libgcrypt as time permits. Shalom-Salam, Werner _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
