7007966: Add Brainpool ECC support (RFC 5639)

Brad Wetmore bradford.wetmore at oracle.com
Thu Dec 23 17:04:27 PST 2010


 > To use those EC curves in TLS, IANA need to register these curves[*].
 > Do you know any effort to use these curves in TLS?

Xuelei was primarily asking about this from the TLS perspective.  RFC 
5639 just claims its use would be consistent with the existing TLS ECC 
approaches, but I don't know of current efforts to actually add them for 
TLS.

For the more general case, we can consider it, but as with anything ECC, 
patent issues will come up.  RFC 5639 claims "no knowledge of any 
intellectual property rights...may require use of inventions covered by 
patents rights."  This would require significant legal review.

Brad





On 12/22/2010 6:08 AM, Xuelei Fan wrote:
> Hi,
>
> To use those EC curves in TLS, IANA need to register these curves[*]. Do
> you know any effort to use these curves in TLS?
>
> Thanks,
> Xuelei
>
> [*]
> http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8
>
> On 12/22/2010 9:38 PM, Samuel Lidén Borell wrote:
>> Hi,
>>
>> Would it be possible to support Brainpool ECC [1] in OpenJDK (as named curves)? The Brainpool curves are used in European ePassport deployments, for example.
>>
>> I've submitted a RFE [2] and started working on a patch [3].
>>
>> [1] http://tools.ietf.org/html/rfc5639
>> [2] http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7007966
>> [3] https://gist.github.com/740601
>>
>> Regards,
>> Samuel Lidén Borell
>



More information about the security-dev mailing list