This article is interesting, but it found it striking that it made absolutely no mention of Curve25519 [0], which has become quite popular today as an replacement for P-256 and co.
Perhaps things would have been different had the article not been written 3 years before the Dual EC backdoor fiasco.
I think what the root comment is referencing is that the dual EC standard being possibly compromised has made people take a closer look at NIST standards related to their curves.
We don't want to move to it because it's "more trusted". We want it because it's a better curve. Most critically: for the most common applications, Curve25519 avoids the need for point validation, eliminating a class of vulnerabilities. It's also much easier to implement in constant time.
This is not an especially useful analysis. In particular, few specialists in 2016 would make decisions based on which standards bodies support a given curve.
8 comments
[ 3.3 ms ] story [ 33.0 ms ] thread[0] https://en.wikipedia.org/wiki/Curve25519
Edit: Curve25519 may have been unheard of in 2010.
This "analysis" just isn't good at all.
My personal acid test to quickly check the worthiness of a page discussing crypto standards : whether IPsec is spelled correctly.
There's a nice table showing which curves are safe and which curves are not.