I support a MUST for RSA_PSS for certificate verify, and it does seem like a good idea to be algorithm agile.
Russ On Jul 6, 2016, at 1:23 PM, Joseph Salowey <j...@salowey.net> wrote: > I don't think we ever call consensus on this topic. It looks like there is > rough consensus to move forward with RSA-PSS as the MUST implement algorithm > for certificate verify in TLS 1.3 and not allow PKCS-1.5. During the > discussion it also seemed that it is realistic that we may want to add > additional types in the future. We may want better separation of signature > types of certificates and certificate verify. > > Cheers, > > J&S > > On Wed, Mar 9, 2016 at 2:05 AM, Hubert Kario <hka...@redhat.com> wrote: > On Tuesday 08 March 2016 18:41:32 Viktor Dukhovni wrote: > > On Tue, Mar 08, 2016 at 07:24:37PM +0100, Hubert Kario wrote: > > > No, I said that we have no reason to believe that quantum computers > > > won't follow exponential increase in number of qbits they can > > > handle, > > > with the highest increase not exceeding doubling every year, but > > > more > > > likely doubling every two years (as every other technological > > > development did till now). > > > > There's reason to be skeptical of such analogies. Moore's law was > > neither a theorem nor a law of nature. It was an observation about > > progress in feature-size shrink of silicon transistors. It is far > > from clear that evolution of silicon fabrication is a relevant model. > > That's why I'm not saying that it will be exactly like Moore's law. > > My point is, that processes which have super-exponential growth are the > exception, not the rule (if they exist at all). And you would be hard > pressed to find any process in history that experienced exponential > growth over a long time span and be at the same time vastly faster than > the Moore's law. > -- > Regards, > Hubert Kario > Senior Quality Engineer, QE BaseOS Security team > Web: www.cz.redhat.com > Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
