I think this was supposed to be sent to the list. (It was my fault actually; I messed up in my second e-mail so it didn't have the security-dev in the "To" header. So replies to it get sent to me and not the list. Sorry.)
Begin forwarded message: Date: Thu, 23 Dec 2010 16:29:02 -0500 From: Michael StJohns <[email protected]> To: Samuel Lidén Borell <[email protected]>, Xuelei Fan <[email protected]> Subject: Re: 7007966: Add Brainpool ECC support (RFC 5639) Hi - There's support for TLS and then there's support in the JDK, and finally there's support in PKCS11. As I recall, sun/security/ec/NamedCurve and sun/security/ec/SunECEntries need to be modified to add the name to OID mappings so that external libs can support those curves as providers - that also covers PKCS11 mostly. Changes are about a line each in those two files, but you'll have to use something like BouncyCastle to actually implement the curve. The issue of adding support for a brainpool curve in TLS is a somewhat orthogonal issue. To add this to the IANA registry requires another RFC, or a mod to the existing RFC 5246. Given the date of that RFC and the date of the brainpool curves and the composition of the RFC authors, I'd say a conscious decision was made to not include the curves in the RFC - probably for IPR reasons. I could be wrong. Mike At 03:27 AM 12/23/2010, Samuel Lidén Borell wrote: >Hi, > >I've never worked with transport security so it's not really my area, and I >don't know of any efforts to get Brainpool registered with IANA. > >Regards, >Samuel Lidén Borell > > > >On Wed, 22 Dec 2010 22:08:39 +0800 >Xuelei Fan <[email protected]> wrote: > >> Hi, >> >> To use those EC curves in TLS, IANA need to register these curves[*]. Do >> you know any effort to use these curves in TLS? >> >> Thanks, >> Xuelei >> >> [*] >> http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8 >> >> On 12/22/2010 9:38 PM, Samuel Lidén Borell wrote: >> > Hi, >> > >> > Would it be possible to support Brainpool ECC [1] in OpenJDK (as named >> > curves)? The Brainpool curves are used in European ePassport deployments, >> > for example. >> > >> > I've submitted a RFE [2] and started working on a patch [3]. >> > >> > [1] http://tools.ietf.org/html/rfc5639 >> > [2] http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7007966 >> > [3] https://gist.github.com/740601 >> > >> > Regards, >> > Samuel Lidén Borell -- Samuel Lidén Borell <[email protected]>
