Integrate HACL* EdDSA over Curve25519
Categories
(NSS :: Libraries, defect, P3)
Tracking
(Not tracked)
People
(Reporter: franziskus, Assigned: nkulatova, NeedInfo)
References
(Blocks 2 open bugs, )
Details
(Whiteboard: [nss-nofx])
Attachments
(5 files, 2 obsolete files)
Tracking implementation of EdDSA.
|
||
Updated•6 years ago
|
|
Reporter | |
Updated•6 years ago
|
|
||
Comment 3•5 years ago
|
||
|
|
||
Updated•4 years ago
|
|
||
Updated•3 years ago
|
|
||
Comment 5•3 years ago
|
||
Can we update the description of this bug so that it includes Curve25519, Curve25519 or Curve448, Ed448 keywords? I was searching bugzilla for all EC-related bugs and could not find this one (and filed https://bugzilla.mozilla.org/show_bug.cgi?id=1644232 as a result)
|
|
||
Updated•3 years ago
|
|
||
Comment 6•2 years ago
|
||
One this bug is resolved it will be possible to use X.509 certs with ED25519 public key for TLS in Firefox and Thunderbird, right?
|
|
||
Comment 7•2 years ago
|
||
One this bug is resolved
"Once this bug is resolved..."
|
|
||
Comment 8•2 years ago
|
||
Not immediately, because it will require some work for TLS and we don’t support those in 1.3. I have to double check but I am don’t think Ed25519 certs are allowed by the CAB forum either. This is also why we haven’t spent the effort yet. But I’d like to add the code in NSS in the next few months since we have the code.
|
|
||
Comment 9•2 years ago
|
||
Not immediately, because it will require some work for TLS and we don’t support those in 1.3.
I guess that effort will be then tracked in a separate bug?
I have to double check but I am don’t think Ed25519 certs are allowed by the CAB forum either.
I was thinking more of TLS client certs here rather than ones issued by some public CA.
But I’d like to add the code in NSS in the next few months since we have the code.
Great, thanks!
|
||
Comment 10•2 years ago
|
||
(In reply to Benjamin Beurdouche [:beurdouche] from comment #8)
Not immediately, because it will require some work for TLS and we don’t support those in 1.3. I have to double check but I am don’t think Ed25519 certs are allowed by the CAB forum either. This is also why we haven’t spent the effort yet. But I’d like to add the code in NSS in the next few months since we have the code.
Hi Benjamin,
Do you have plans for adding the complete code for supporting EdDSA (all 4 layers of NSS) ??
|
|
||
Comment 11•2 years ago
|
||
|
|
||
Comment 12•2 years ago
|
||
Depends on D113702
|
|
||
Updated•2 years ago
|
|
|
||
Updated•2 years ago
|
|
|
||
Updated•2 years ago
|
|
|
||
Updated•2 years ago
|
|
|
||
Updated•2 years ago
|
|
|
||
Updated•2 years ago
|
|
|
||
Updated•2 years ago
|
|
|
||
Updated•2 years ago
|
|
|
||
Updated•2 years ago
|
|
|
||
Comment 13•2 years ago
|
||
Depends on D113702
|
|
||
Comment 14•2 years ago
|
||
|
|
||
Comment 15•2 years ago
|
||
|
|
||
Comment 16•2 years ago
|
||
Depends on D117430
|
||
Updated•8 months ago
|
|
||
Comment 17•6 months ago
|
||
The bug assignee is inactive on Bugzilla, so the assignee is being reset.
|
|
||
Updated•6 months ago
|
|
||
Comment 18•5 months ago
|
||
I'm planing to work on the implementation of Ed25519 and X25519 algorithms for the WebCrypto API, but I believe we would need to complete the implementation of the crypto primitives in NSS, which I believe is the goal goal of this bug.;Is still active ? What are the plans for it ?
It seems Chrome and WebKit are actively working on the implementation of both algorithms, so it'd be great to catch up with them and avoid future interoperability issues.
|
|
||
Comment 19•4 months ago
|
||
Redirect a needinfo that is pending on an inactive user to the triage owner.
:beurdouche, since the bug has recent activity, could you have a look please?
For more information, please visit auto_nag documentation.
|
|
||
Updated•3 months ago
|
Description
•