View Issue Details

IDProjectCategoryView StatusLast Update
000952110000-006: MappingsSpecpublic2024-06-14 20:43
ReporterDominik Ziegler Assigned ToRandy Armstrong  
PrioritynormalSeverityfeatureReproducibilityN/A
Status acknowledgedResolutionopen 
Summary0009521: Introduce ECC-curve25519-AES-128-GCM Profile
Description

To introduce greater flexibility and accommodate a wider range of use cases in OPC UA implementations, the introduction of an additional profile is suggested. The proposed profile, named "ECC-curve25519-AES-128-GCM," would utilize Curve25519 instead of nistP256 for key exchange, coupled with AES-128-GCM for encryption. This profile offers enhanced security while catering to scenarios where the use of nistP256 may not be ideal or desired.

By incorporating the ECC-curve25519-AES-128-GCM profile, OPC UA implementations can stay ahead of security challenges and adapt to diverse deployment environments more effectively. This addition will provide users with a modern encryption alternative and ensure compatibility with evolving security standards.

TagsSecurity
Commit Version
Fix Due Date

Activities

Randy Armstrong

2024-04-17 15:45

administrator   ~0021134

Agreed that adding GCM profiles is best for the long term.
Need resources to do prototyping and propose any spec changes.
This is best handled by the FLC WG.

Issue History

Date Modified Username Field Change
2024-04-15 12:58 Dominik Ziegler New Issue
2024-04-15 12:58 Dominik Ziegler Tag Attached: Security
2024-04-17 15:45 Randy Armstrong Assigned To => Randy Armstrong
2024-04-17 15:45 Randy Armstrong Status new => acknowledged
2024-04-17 15:45 Randy Armstrong Note Added: 0021134
2024-06-14 20:43 Paul Hunkar Project 10000-002: Security => 10000-006: Mappings