> Am 21.12.2023 um 13:28 schrieb Andrew C Aitchison via mailop > <mailop@mailop.org>: > > On Thu, 21 Dec 2023, John R Levine via mailop wrote: >> I'm sure that Google has code somewhere that can validate ED25519 >> signatures. But that does not mean that it would be a good idea for them to >> use that code in production today and try to update their reputation systems >> to deal with the dual signing that implies. >> >> As I've said several times, unless there is a cryptographic problem with >> RSA, there is no reason to *use* any other kind of signature. > > Unless we enable ED25519 verification ahead of time, if or when RSA is broken > we wil have to coordinate the switch from RSA to ED25519 signatures, > which makes the unsecured gap longer than necessary. > > Does the standard explain how we will all know when to switch ?
To be fair it is more than unlikely that cryptographic algorithms that are in use for years or decades break over night. It’s more of a process that takes years by itself: Some people publish ways to break signatures a little bit faster, computing power increases, new attacks get known, etc At some point a larger part of the people involved come to the conclusion that if it continues like this, RSA 2048 bit keys cannot be considered secure anymore in 5-10 years, so it’s better to move on. A replacement should already exist at this point, but it’s not necessary to start the migration beforehand. — BR Oliver ________________________________ dmTECH GmbH Am dm-Platz 1, 76227 Karlsruhe * Postfach 10 02 34, 76232 Karlsruhe Telefon 0721 5592-2500 Telefax 0721 5592-2777 dmt...@dm.de<mailto:dmt...@dm.de> * www.dmTECH.de<http://www.dmtech.de> GmbH: Sitz Karlsruhe, Registergericht Mannheim, HRB 104927 Geschäftsführer: Christoph Werner, Martin Dallmeier, Roman Melcher ________________________________ Datenschutzrechtliche Informationen Wenn Sie mit uns in Kontakt treten, beispielsweise wenn Sie an unser ServiceCenter Fragen haben, bei uns einkaufen oder unser dialogicum in Karlsruhe besuchen, mit uns in einer geschäftlichen Verbindung stehen oder sich bei uns bewerben, verarbeiten wir personenbezogene Daten. Informationen unter anderem zu den konkreten Datenverarbeitungen, Löschfristen, Ihren Rechten sowie die Kontaktdaten unserer Datenschutzbeauftragten finden Sie hier<https://www.dm.de/datenschutzerklaerung-kommunikation-mit-externen-493832>. _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
