[OTR-dev] RSA signatures again

Gregory Maxwell gmaxwell at gmail.com
Mon Aug 26 13:48:18 EDT 2013


On Mon, Aug 26, 2013 at 10:33 AM, Taylor R Campbell <campbell at mumble.net> wrote:
> Instead of ECDSA, why not Ed25519?  It is unencumbered by patents, and

So is normal ECDSA (implemented over suitable fields without
particular optimizations): http://tools.ietf.org/html/rfc6090

> as an added benefit over DSA and ECDSA, it doesn't rely on an entropy
> source to make signatures.

So can ECDSA:  http://tools.ietf.org/html/rfc6979

No to say that ed25519 isn't spiffy good stuff with a nice fast
implementation and all... and maybe it escapes some particular flavor
of Redhat paranoia.  But these properties are not unique to it.



More information about the OTR-dev mailing list