Hi all,

tx to John I am now made aware of this one. I am just back from IETF 125 so I will look at this one carefully when my brain is really functioning.

This LS comes from SG13. I am SG17 Chair, and the requirements for any SG chair in ITU-T (being the only inter-governmental SDO on the planet) are: neutrality, impartiality and integrity, and I have a strong reputation on the 3.

In general I could come a long way on the discussion between PQC vs QKD and start with a story from when I started at CERN in 1993. And whilst I can understand the point of view of the PQC side, the ways that messages are expressed are in fact not helping.

It is not the time here for me to explain, in SG17, why I welcomed QKD and hybrid QKD/PQC mandate in Question 15, how (and how hard it has been) I could negotiate the border lines of PQC use and migration in Q11 vs all sorts of internal and external circumstances, that both Q11 and Q15 are doing some good work, and how proud I am about my leadership and membership here. Nothing perfect, but a happy chair.

But please consider a strict demarcation line between the QKD work in SG13 and the QKD work in SG17, please. And I will stop at that.

Remember my intervention to the IETF plenary that if there is a need to say stop or no, PLEASE do it. So, when it is justified it is justified, and in this case it is important to be said.

So please give me the time to read Y.QKD-TL first. A more neutral language just on that would be welcome and will help. I will do my best to provide editorial help.

Hope this helps

Best Regards

> On 21 Mar 2026, at 12:55, Viktor Dukhovni <[email protected]> wrote:
>
> On Sat, Mar 21, 2026 at 09:22:56AM +0000, John Mattsson wrote:
>> Viktor Dukhovni wrote:
>>> or some other less inflammatory formulation.
>>
>> It is a sad world if a straightforward fact is considered
>> inflammatory. SIGINT agencies have sold "unbreakable" hardware in the
>> past and will do so again.
>> https://www.washingtonpost.com/graphics/2020/world/national-security/cia-crypto-encryption-machines-espionage/
>
> It isn't the SIGINT agencies I am trying to shield here from being
> offended. Rather, I think those being sold the QKD snake-oil might
> take offense at the original text. Just overcoming the misleading
> marketing should be the focus, regardless of who may or may not be
> behind it.
>
>> People building, standardizing, and using QKD seem to have little to
>> no knowledge of cryptography and security. The ITU-T Y.QKD-TL system
>> would allow a dishonest QKD hardware manufacturer not only to
>> passively eavesdrop on all communication, but also to impersonate
>> endpoints and inject traffic. I think the IETF has a moral
>> responsibility to inform ITU-T about these risks.
>
> I'd replace "moral" with "professional". And yes, it is correct to fend
> off (especially stand-alone) QKD, and even as an additional input one
> can make a solid case that it is rarely if ever worth the cost, if one
> really wants to bust the myth.
>
> Bottom line, something that is less of a knee-jerk reaction would I think
> be more effective.
>
> --
> Viktor. 🇺🇦 Glory to Ukraine!
>
> _______________________________________________
> TLS mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
