Benjamin Kaduk <[email protected]> wrote: >> As the thread between Neil and Ilari shows, there were reasons to make >> different choices. >> >> My take, being intentionally not intimate with such issues, is that the best >> encoding for using the key may not be the best encoding for transmitting the >> key. That the translation between the two forms might sometimes fail, and
> This sounds like you are in favor of allowing multiple "kty" values?
Uhm, I'm not sure I think that.
I think that I said that it could be that need to accomodate different
encodings. I didn't think that they would both be present.
>> so it's a protocol decision as to which to transmit, which to sign (in a
>> certificate), etc.
>> (And that this was the entire lwig-curves document's point)
> FWIW, my understanding is that if the translation fails then the point/key
> is malformed anyway and should not be used.
I guess translation fails, means there is a non-sense operation in the
middle, like divide-by-zero or infinity? That is, it can be detected.
I agree that this is true for Ecliptic Point algorithms that we currently use.
It could be (I have no knowledge here) that this isn't always the case.
Could the translation fail, but result in what syntatically looks right, but
it just always fails to validate a signature?
Is that distinguishable from the case where Mallory toggles some bits?
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
