RE: I-D ACTION:draft-ietf-pkix-ipki-ecdsa-01.txt

[Tim Polk <wpolk@xxxxxxxx>]

Anders,

These are very reasonable questions!

#1 ECC refers to the broader class of elliptic curve cryptographic
algorithms.  ECDSA is a specific ECC algorithm.  It is basically an ECC
analog to the Digital Signature Algorithm (DSA).

#2 The scope of this specification was formatting ECDSA keys in X.509
certificates and ECDSA signatures on certs and CRLs.  X9.62 was
sufficiently stable to support this scope.

We were waiting until X9.63 stabilized (X9.63 specifies key agreement and
key transfer algorithms) to address key management keys.  The same key
syntax will work for the forthcoming X9.63, so it should be an incremental
upgrade... same syntax *with* the optional cofactor, different key usage
bits.  (Signature syntax doesn't apply of course.)

X9.63 is getting close, so we will probably follow up with a spec for ECC
key management keys later this year.

Thanks,

Tim Polk

At 04:31 PM 6/7/99 +0200, Anders Rundgren wrote:
>Neophyte ECC / ECDSA Question:
>
>1.  ECC and ECDSA denote the same basic technology?
>
>2. How come the keyEncipherment, dataEncipherment, keyAgreement cannot be
>set in an ECDSA-compatible cert?  I.e. cannot be used for encryption?
>
>Sorry for these probably naive questions but those who never ask will
continue to be ignorant :-)
>
>Regards
>Anders Rundgren
>
>