This version just fixes a few nits. - I think the new encodings make sense for cTLS where my understanding is that people likely want to keep using P-256 key share. Then the new encodings save 80 bytes per mutually authenticated handshake. - The new encodings are not needed for non-constrained TLS. There x25519 rules and the new ECDSA encoding in a handshake where only the server is authenticated saves 7 bytes. - I think new code points should only be registered if people want to use this in cTLS.
Cheers, John From: internet-dra...@ietf.org <internet-dra...@ietf.org> Date: Wednesday, 29 March 2023 at 13:20 To: John Mattsson <john.matts...@ericsson.com>, John Mattsson <john.matts...@ericsson.com> Subject: New Version Notification for draft-mattsson-tls-compact-ecc-04.txt A new version of I-D, draft-mattsson-tls-compact-ecc-04.txt has been successfully submitted by John Preuß Mattsson and posted to the IETF repository. Name: draft-mattsson-tls-compact-ecc Revision: 04 Title: Compact ECDHE and ECDSA Encodings for TLS 1.3 Document date: 2023-03-29 Group: Individual Submission Pages: 9 URL: https://www.ietf.org/archive/id/draft-mattsson-tls-compact-ecc-04.txt Status: https://datatracker.ietf.org/doc/draft-mattsson-tls-compact-ecc/ Html: https://www.ietf.org/archive/id/draft-mattsson-tls-compact-ecc-04.html Htmlized: https://datatracker.ietf.org/doc/html/draft-mattsson-tls-compact-ecc Diff: https://author-tools.ietf.org/iddiff?url2=draft-mattsson-tls-compact-ecc-04 Abstract: The encodings used in the ECDHE groups secp256r1, secp384r1, and secp521r1 and the ECDSA signature algorithms ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, and ecdsa_secp521r1_sha512 have significant overhead and the ECDSA encoding produces variable-length signatures. This document defines new optimal fixed-length encodings and registers new ECDHE groups and ECDSA signature algorithms using these new encodings. The new encodings reduce the size of the ECDHE groups with 33, 49, and 67 bytes and the ECDSA algorithms with an average of 7 bytes. These new encodings also work in DTLS 1.3 and are especially useful in cTLS. The IETF Secretariat
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls