[Ach] choosing safe curves for elliptic-curve cryptography

Aaron Zauner azet at azet.org
Mon May 12 18:44:11 CEST 2014

ianG wrote:
> The issue of safe curves is at the wrong layer for the BetterCrypto
> paper -- choosing safe curves should be done by the developer, and
> should be fixed in the code.  There shouldn't be any choice available to
> the application admin.
Actually, I don't think it should be done by the developer but rather by
people that define standards. Currently you can only negotiate for NIST
curves in TLS,..


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140512/e2b20251/attachment.sig>

More information about the Ach mailing list