[xmlsec] EdDSA Ed25519/Ed448 for XML Digital Signatures

Simon Josefsson simon at josefsson.org
Fri Dec 4 01:01:45 PST 2015

Hi.  Thanks for response.  I believe libgcrypt supports Ed25519, so that
ought to be straightforward.  I don't believe OpenSSL, NSS, or GnuTLS
supports it yet.  There is support in Nettle, so having support in
GnuTLS is probably not that far off.

I agree that this is probably not a big priority for xmlsec users, but
it may become.  I think I'll submit the draft to IETF as-is, and then
wait for implementations to materialize.  I don't think it will be moved
forward without implementation feedback.  The Apache Santuario's
response was similar to yours.  Are you aware of any other significant
XML Security libraries, btw?


tor 2015-12-03 klockan 16:54 -0800 skrev Aleksey Sanin:
> Hi Simon,
> Adding a new algo to xmlsec is pretty straightforward (if the underlying
> crypto engine supports it). Said that, I don't know if this is something
> important for xmlsec users.
> Best
> Aleksey
> On 12/2/15 6:25 AM, Simon Josefsson wrote:
> > Hi.  I have prepared a writeup on how to add the EdDSA Ed25519/Ed448
> > public-key digital signature algorithm to XMLDSIG.
> > 
> > https://mailarchive.ietf.org/arch/msg/curdle/Ylertitv43TdDrcm4ufh2LxdBjM
> > 
> > Are you interested in implementing this?  If so, your feedback on the
> > description is appreciated.  If there is interest among XMLDSIG
> > implementers, I would turn this into a proper IETF draft.
> > 
> > /Simon
> > 
> > 
> > 
> > _______________________________________________
> > xmlsec mailing list
> > xmlsec at aleksey.com
> > http://www.aleksey.com/mailman/listinfo/xmlsec
> > 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20151204/b128e7d8/attachment.sig>

More information about the xmlsec mailing list