[Servercert-wg] Ed25519 certificates
Q Misell
q at as207960.net
Mon Jun 10 14:49:22 UTC 2024
Thanks for passing that on, I'll keep a close eye on that proposal.
------------------------------
Any statements contained in this email are personal to the author and are
not necessarily the statements of the company unless specifically stated.
AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace,
Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company
registered in Wales under № 12417574
<https://find-and-update.company-information.service.gov.uk/company/12417574>,
LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876
<https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №: GB378323867. EU
VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №:
522-80-03080. AS207960 Ewrop OÜ, having a registered office at Lääne-Viru
maakond, Tapa vald, Porkuni küla, Lossi tn 1, 46001, trading as Glauca
Digital, is a company registered in Estonia under № 16755226. Estonian VAT
№: EE102625532. Glauca Digital and the Glauca logo are registered
trademarks in the UK, under № UK00003718474 and № UK00003718468,
respectively.
On Mon, 10 Jun 2024 at 15:21, Inigo Barreira <Inigo.Barreira at sectigo.com>
wrote:
> FYI. TBD next week at the ETSI ESI meeting.
>
>
>
> Title: Proposed CR#7 on TS 119 312: Introduce EdDSA incl. its variants
> (Ed448 and Ed25519)
>
>
>
> Source: European Commission
>
> Abstract: ETSI TS 119 312 provides guidance on selection of cryptographic
> suites with particular emphasis on interoperability. The Edwards-Curve
> Digital Signature Algorithm (EdDSA) is a state-of-the-art algorithm for
> electronic signatures. It is recommended by experts in cryptography and
> information security and adopted in many Internet security applications and
> specifications. Unfortunately, the currently published version of TS 119
> 312 does not reference EdDSA. This change request proposes to add EdDSA as
> a recommended digital signature algorithm to TS 119 312. The European
> Commission’s eDelivery Building Block is updating its eDelivery AS4
> guidelines and would like to use EdDSA as digital signature algorithm in
> the updated version. Addition of EdDSA to TS 119 312 would contribute to
> the continued broad adoption of eDelivery AS4 as an interoperable, open
> standards-based eDelivery solution based on state-of-the-art security.
>
>
>
> *De:* Servercert-wg <servercert-wg-bounces at cabforum.org> *En nombre de *Ben
> Wilson via Servercert-wg
> *Enviado el:* sábado, 8 de junio de 2024 19:28
> *Para:* Q Misell <q at as207960.net>; CA/B Forum Server Certificate WG
> Public Discussion List <servercert-wg at cabforum.org>
> *Asunto:* Re: [Servercert-wg] Ed25519 certificates
>
>
>
> CAUTION: This email originated from outside of the organization. Do not
> click links or open attachments unless you recognize the sender and know
> the content is safe.
>
>
>
> Hi Q,
>
> I'm checking with the crypto team here at Mozilla and will let you know
> from our perspective.
>
> Thanks,
>
> Ben
>
>
>
> On Sat, Jun 8, 2024 at 4:39 AM Q Misell via Servercert-wg <
> servercert-wg at cabforum.org> wrote:
>
> Hi all,
>
>
>
> At the Tor meeting a few weeks ago I had some discussions with people
> asking why Ed25519 certificates are not allowed under the BR (§ 6.1.5). As
> far as I can tell there isn't much of a reason not to allow Ed25519 certs
> (if a CA wishes to support them ofc) and there were a few scenarios
> presented to me where Ed25519 certs would be useful in the context of Tor,
> which already makes heavy usage of Ed25519 keys.
>
>
>
> Would there be motivation to change the rules to allow Ed25519 certs, or
> is there some reason I'm missing as to why they're not allowed?
>
>
>
> Thanks,
>
> Q Misell
> ------------------------------
>
> Any statements contained in this email are personal to the author and are
> not necessarily the statements of the company unless specifically stated.
> AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace,
> Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company
> registered in Wales under № 12417574
> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fe.as207960.net%2Fw4bdyj%2Fxa9BLe6P&data=05%7C02%7Cinigo.barreira%40sectigo.com%7C4b4712c830324ac756da08dc87e05a7e%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638534644894584806%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=SM171wmCTojaom3MWlX5MUZF4jlUlJmx7Zg4J2Eq6Z4%3D&reserved=0>,
> LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876
> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fe.as207960.net%2Fw4bdyj%2Fh2BMZREa&data=05%7C02%7Cinigo.barreira%40sectigo.com%7C4b4712c830324ac756da08dc87e05a7e%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638534644894596564%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=1Q7fzWI5%2BUpjT8xYpmD9TLF8l7LjkRL5nREqDzchD1U%3D&reserved=0>.
> UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South
> Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a registered office
> at Lääne-Viru maakond, Tapa vald, Porkuni küla, Lossi tn 1, 46001, trading
> as Glauca Digital, is a company registered in Estonia under № 16755226.
> Estonian VAT №: EE102625532. Glauca Digital and the Glauca logo are
> registered trademarks in the UK, under № UK00003718474 and № UK00003718468,
> respectively.
>
> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/servercert-wg
> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fmailman%2Flistinfo%2Fservercert-wg&data=05%7C02%7Cinigo.barreira%40sectigo.com%7C4b4712c830324ac756da08dc87e05a7e%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638534644894604965%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=60ZIrZGBb1LCy%2FdotmrLTw3EUJj2S%2B9m6XNHasqXGwM%3D&reserved=0>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240610/61c9519a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4640 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240610/61c9519a/attachment-0001.p7s>
More information about the Servercert-wg
mailing list