[OTR-dev] RSA signatures again

Gregory Maxwell gmaxwell at gmail.com
Mon Aug 26 17:51:12 EDT 2013


On Mon, Aug 26, 2013 at 2:39 PM, Tom Ritter <tom at ritter.vg> wrote:
> A small note - ECC is being enabled in RHEL[0], but not (yet) in
> Fedora.  If that sounds crazy, it is, but it's also the truth[1].
>
> (If anyone wants to help them, they basically just need to know the
> [specific, mathematical equations used in] ECC operations in openssl,
> and their publish date.[2])

Part of the challenge there is that OpenSSL implements many
specialized optimizations for different curves, some of which may be
patented, and provides no useful differentiation between the boring,
existed since the mid 80s, generic implementations ECDSA over prime
fields and things like the specialized implementations for
characteristic 2 fields which are a lot closer to patented subject
matter.

This is really something that upstream should care about and have some
ongoing diligence in dealing with, that it doesn't reflects poorly the
quality of its maintenance.



More information about the OTR-dev mailing list