Hi, Changes:
* Clarified that point validation MUST be done as pointed out by Dan Brown and Scott Fluhrer * Removed questionable statements in the security considerations after comments by Dan Brown * Added an explanation of point compression and compact representation as suggested by Hannes Tschofenig. The main use case for the draft is cTLS with P-256 and ECDSA, which is something I suspect that people want to do. As pointed out be Scott the same message sizes can already be achieved with x25519 and ed25519. Cheers, John From: internet-dra...@ietf.org <internet-dra...@ietf.org> Date: Thursday, 19 January 2023 at 08:37 To: John Mattsson <john.matts...@ericsson.com>, John Mattsson <john.matts...@ericsson.com> Subject: New Version Notification for draft-mattsson-tls-compact-ecc-03.txt A new version of I-D, draft-mattsson-tls-compact-ecc-03.txt has been successfully submitted by John Preuß Mattsson and posted to the IETF repository. Name: draft-mattsson-tls-compact-ecc Revision: 03 Title: Compact ECDHE and ECDSA Encodings for TLS 1.3 Document date: 2023-01-19 Group: Individual Submission Pages: 9 URL: https://www.ietf.org/archive/id/draft-mattsson-tls-compact-ecc-03.txt Status: https://datatracker.ietf.org/doc/draft-mattsson-tls-compact-ecc/ Html: https://www.ietf.org/archive/id/draft-mattsson-tls-compact-ecc-03.html Htmlized: https://datatracker.ietf.org/doc/html/draft-mattsson-tls-compact-ecc Diff: https://author-tools.ietf.org/iddiff?url2=draft-mattsson-tls-compact-ecc-03 Abstract: The encodings used in the ECDHE groups secp256r1, secp384r1, and secp521r1 and the ECDSA signature algorithms ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, and ecdsa_secp521r1_sha512 have significant overhead and the ECDSA encoding produces variable-length signatures. This document defines new optimal fixed-length encodings and registers new ECDHE groups and ECDSA signature algorithms using these new encodings. The new encodings reduce the size of the ECDHE groups with 33, 49, and 67 bytes and the ECDSA algorithms with an average of 7 bytes. These new encodings also work in DTLS 1.3 and are especially useful in cTLS. The IETF Secretariat
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
