to be clear - ED25519 is much faster than the quantum-resistant alternatives, but that does not make it long term secure. To be more specific, we could see an announcement any day that someone has developed a quantum computer that will break it. Or it could be 5 more years - who knows. Google and Microsoft are two of the companies trying to break it. https://hedera.com/blog/are-ed25519-keys-quantum-resistant-exploring-the-future-of-cryptography
Peace ..tom jones On Fri, Apr 11, 2025 at 3:34 AM Anna Weine <nkulat...@mozilla.com> wrote: > @Tom do you have any link/article/post about the Ed25519 deprecation? I've > not heard about that so I'm very curious. > > Thanks, > A > > On Thursday, April 10, 2025 at 9:12:39 PM UTC+2 Tom Jones wrote: > >> I have been hearing other teams asking to use this "new" crypto in other >> standards, but i cannot for the life of me understand why any effort is >> being put into a crypto scheme that will surely be deprecated (at least by >> the NSA) by the end of this year. I didn't object to adding it here until >> others started to add it to new protocols - which is CLEARLY A BAD IDEA. >> >> ..tomj >> >> On Wednesday, April 9, 2025 at 8:17:38 AM UTC-7 Chris Harrelson wrote: >> >>> LGTM3 >>> >>> On Thu, Apr 3, 2025 at 1:51 AM Yoav Weiss (@Shopify) < >>> yoav...@chromium.org> wrote: >>> >>>> LGTM2 >>>> >>>> On Wed, Apr 2, 2025, 16:18 Daniel Bratell <brat...@gmail.com> wrote: >>>> >>>>> LGTM1 >>>>> >>>>> /Daniel >>>>> On 2025-03-31 11:42, Javier Fernandez wrote: >>>>> >>>>> Contact emails jfern...@igalia.com >>>>> >>>>> Explainer >>>>> https://github.com/WICG/webcrypto-secure-curves/blob/main/explainer.md >>>>> >>>>> Specification https://w3c.github.io/webcrypto/#ed25519 >>>>> >>>>> Design docs >>>>> >>>>> https://docs.google.com/document/d/1fDTUY3HVAXehi-eSfbi7nxh8ZPw4MpSKM8U1fMdqJlU/edit?usp=sharing >>>>> >>>>> Summary >>>>> >>>>> This feature adds support for Curve25519 algorithms in the Web >>>>> Cryptography API, namely the signature algorithm Ed25519 >>>>> >>>>> >>>>> Blink component Blink >>>>> <https://issues.chromium.org/issues?q=customfield1222907:%22Blink%22> >>>>> >>>>> TAG review https://github.com/w3ctag/design-reviews/issues/466 >>>>> >>>>> TAG review status Issues addressed >>>>> >>>>> Risks >>>>> >>>>> >>>>> Interoperability and Compatibility >>>>> >>>>> WebCrypto API was specified to allow the addition of new (normalized) >>>>> crypto algorithms. When an algorithm is not yet supported by a browser, an >>>>> exception of unrecognized algorithms would be thrown after invoking >>>>> related >>>>> APIs. >>>>> >>>>> >>>>> *Gecko*: Shipped/Shipping ( >>>>> https://bugzilla.mozilla.org/show_bug.cgi?id=1804788) >>>>> https://www.mozilla.org/en-US/firefox/130.0/releasenotes/ >>>>> >>>>> *WebKit*: Shipped/Shipping ( >>>>> https://bugs.webkit.org/show_bug.cgi?id=246145) >>>>> https://developer.apple.com/documentation/safari-technology-preview-release-notes/stp-release-178 >>>>> >>>>> *Web developers*: No signals >>>>> >>>>> *Other signals*: >>>>> >>>>> WebView application risks >>>>> >>>>> >>>>> >>>>> >>>>> Debuggability >>>>> >>>>> Will this feature be supported on all six Blink platforms (Windows, >>>>> Mac, Linux, ChromeOS, Android, and Android WebView)? Yes >>>>> >>>>> Is this feature fully tested by web-platform-tests >>>>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> >>>>> ? Yes >>>>> >>>>> >>>>> https://wpt.fyi/results/WebCryptoAPI?label=experimental&label=master&aligned >>>>> >>>>> >>>>> Flag name on about://flags WebCryptoEd25519 >>>>> >>>>> Finch feature name None >>>>> >>>>> Non-finch justification >>>>> >>>>> The feature has been implemented behind WebCryptoEd25519 runtime flag. >>>>> >>>>> >>>>> Requires code in //chrome? False >>>>> >>>>> Tracking bug >>>>> https://bugs.chromium.org/p/chromium/issues/detail?id=1370697 >>>>> >>>>> Availability expectation The feature is already available on the Web >>>>> Platform, and shipped enabled by default in Firefox and Safari. >>>>> >>>>> Adoption expectation This feature is considered a best practice for >>>>> web apps that need support of Ed25519 signing and X25519 key sharing. >>>>> Relying on external libraries (JS, WASM) is the alternative and implies >>>>> security risks. >>>>> >>>>> Estimated milestones >>>>> Shipping on desktop 137 >>>>> Shipping on Android 137 >>>>> Shipping on WebView 137 >>>>> Shipping on iOS 137 >>>>> >>>>> Anticipated spec changes >>>>> >>>>> small-order checks - >>>>> https://github.com/WICG/webcrypto-secure-curves/issues/27 >>>>> >>>>> randomized signatures - >>>>> https://github.com/WICG/webcrypto-secure-curves/issues/28 >>>>> >>>>> Link to entry on the Chrome Platform Status >>>>> https://chromestatus.com/feature/4913922408710144?gate=5015367861141504 >>>>> >>>>> Links to previous Intent discussions Intent to Prototype: >>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/faf4f153-1d4c-915d-53d0-0968833cfe55%40igalia.com >>>>> >>>>> >>>>> This intent message was generated by Chrome Platform Status >>>>> <https://chromestatus.com/>. >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "blink-dev" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to blink-dev+...@chromium.org. >>>>> To view this discussion visit >>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/dc12dc7c-1d3d-4b94-9507-2b7226b85622%40igalia.com >>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/dc12dc7c-1d3d-4b94-9507-2b7226b85622%40igalia.com?utm_medium=email&utm_source=footer> >>>>> . >>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "blink-dev" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to blink-dev+...@chromium.org. >>>>> To view this discussion visit >>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/d2e25048-e41b-47dd-b442-c0c403bb4d1c%40gmail.com >>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/d2e25048-e41b-47dd-b442-c0c403bb4d1c%40gmail.com?utm_medium=email&utm_source=footer> >>>>> . >>>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "blink-dev" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to blink-dev+...@chromium.org. >>>> >>> To view this discussion visit >>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOmohSL4%2BSfY2%2BwYKK_MFrK3GXTMeeq0xrOD3pxdsN5P1Oa_Aw%40mail.gmail.com >>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOmohSL4%2BSfY2%2BwYKK_MFrK3GXTMeeq0xrOD3pxdsN5P1Oa_Aw%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAK2Cwb4u0d5JaQP9OH1JjSvLDc31_24w9JeePQxE7wt1Wdqrgg%40mail.gmail.com.
