> The authors have conferred on this and at this time we don't think that we
> can recommend anything other than EC ciphers...

IMHO, this is the only simple and generally implementable recommendation at this point.

Cheers,

Andrei

-----Original Message-----
From: Uta <uta-boun...@ietf.org> On Behalf Of Peter Saint-Andre
Sent: Saturday, July 30, 2022 12:41 PM
To: Cullen Jennings <flu...@iii.ca>; draft-ietf-uta-rfc7525bis....@ietf.org
Cc: a...@ietf.org; last-c...@ietf.org; uta@ietf.org
Subject: [EXTERNAL] Re: [Uta] Artart last call review of draft-ietf-uta-rfc7525bis-09

On 7/30/22 10:10 AM, Peter Saint-Andre wrote:
> On 7/30/22 9:30 AM, Cullen Jennings wrote:
>>
>>
>>> On Jul 14, 2022, at 1:13 PM, Peter Saint-Andre <stpe...@stpeter.im
>>> <mailto:stpe...@stpeter.im>> wrote:
>>>
>>>>
>>>> Given the requirements for crypto agility, I think there
>>>> should be at least one MTI algorithm that does not rely on EC.
>>>> Pinning all your hopes on a single algorithm surely is not the best
>>>> security advice the IETF can provide.
>>>> If EC did have a problem, clearly we would want something already
>>>> built and deployed that we could switch to.
>>>
>>> The authors will discuss this and reply again.
>>
>> I just wanted to see if there were any update on this one. I think it
>> is the most serious concern raised in my review.
>
> I think the authors might have missed this one in our work on -10.

Hi again,

The authors have conferred on this and at this time we don't think that we can recommend anything other than EC ciphers, for several reasons:

1. DHE negotiation is broken.
2. Static RSA is out of the question.
3. Post-quantum (PQ) methods aren't ready yet.

Our forecast is that a few years from now the PQ methods will be ready for recommending in 7525ter, but for now EC is the best we can do.

Peter

_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta