I just heard a most interesting talk at M3AAWG about postquantum crypto
and particularly about the NIST candidate algorithms. Many of them have
much larger key or signature sizes than any current algorithm, like 10,000
bits or more. Some are a lot slower than others. Has anyone been looking
at how these algorithms would or would not work with DNSSEC? NIST is
accepting comments and the talk said they particularly want comments from
industry on how this would affect existing applications.
I can imagine ways to make things work, e.g, hashes in some places rather
than signatures, but I don't understand DNSSEC in enough detail to figure
out what's a show stopper.
Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop