Informal Minutes of the IEEE P1363 Editorial Teleconference Wednesday, August 12, 1998, 10 a.m. Pacific Daylight Time Present: Lily Chen Don Johnson Shirley Kawamoto David Kravitz Leo Reyzin Roger Schlafly Jerry Solinas Yiqun Lisa Yin Robert Zuccherato 1) Lisa went over the status of the project. She attended the June 13 meeting of our sponsor, Microprocessor Standards Committee, which approved our request to go to ballot. Terry Arnold, our vice-chair has been working on forming the ballot body. So far, 39 people have signed-up, and seem to form a well-balanced group. P1363a received a number of submissions, all of which are posted on our web site. Presentation of the P1363a submissions will start at the August meeting. 2) Leo went over the status of the draft. Most sections incorporating decisions of the June meeting were posted early or on-time, on July 27, as agreed at the June meeting. The comment period on those sections ended on August 10. A few sections and changes were posted 3-4 days late; the comment period on those ends on August 14. All of the comments received by August 10, and changes resulting from them, were summarized in a message from Lisa to the mailing list. The few technical comments that were received will be discussed at the August meeting. Leo said he was planning to take care of all the editorial comments before the August meeting; at least some portions of the document would be available about one week before. 3) Don asked about the status on RSA patent letter. Lisa replied that she expected something to be available at the Crypto meeting and would remind RSADSI's legal department to provide the letter as soon as possible. Don pointed out that the letter from RSADSI should include information about Schnorr's patent, because Schnorr had asserted that his patent covered DSA and that RSADSI had exclusive rights to it. In response to further questions about the current status of patent issues, Leo said that the most up-to-date information was available on the web page, including many patent letters. Lisa said that Burt and Terry were working on a letter on patents that would go out to the ballot body together with the draft; Leo said that he would ask Burt or Terry if it could be posted to the web site. 4) Don went over some of the comments he had on Annex D. (a) We decided to make sure that in our pointer to FIPS 140-1 in the random number generation section, we will point out that there are statistical test and continuous tests, in different sections of the FIPS, to make sure the readers don't miss either. We also decided to mention that ANSI and ISO have started work on random number generation standards or recommendations. (b) We decided to make the text that suggests that an authority may check for duplicate public keys neutral rather than discouraging, as it currently is. (c) Regarding generating the field order for the elliptic curves over prime fields, we decided to point out that the seeded hash method can be used, but there were currently no known reasons for using it. (d) We had a discussion on whether or not to point out for elliptic curves over binary fields that it was conjectured that binary fields 2^m for prime m were more secure than those for composite m. Don believed that this was a well-established conjecture, and should be at least pointed out. Jerry said that, to be consistent we should either point it out together with the seeded hash method for the generation of the prime field order (in the EC over prime fields case), or point out neither of the two, because both of these suggestions were based on equally unproven conjectures. Roger and Lisa said that they had not seen any mention of it anywhere in the literature. We agreed to have a discussion of this on the mailing list. (e) Regarding key validation, Leo said he would augment the key validation sections with more details on what key validation did and did not provide, and point out that no IF key validation techniques were specified in the standard (but provide pointers to the literature, if any). We adjourned at 11:15 a. m.