I’ve been following the thread (mainly Geoff and EKR), and I think I have it 
narrowed down to the following.


  *   Now the assertion in the draft that: "Cryptographically-relevant quantum 
computers, once available, will have a huge impact on TLS traffic." is true, 
for what it's worth, but it's reasonable to predict that this will not be the 
case for the coming couple of years, or even the coming five years. See 
https://www.potaroo.net/ispcol/2024-11/pqc-fig1.png taken from a NANOG 92 
presentation from October 2024.

We “know” that harvest-now decrypt-later is happening.  There are entities 
capturing lots of traffic assuming they can decode it later and still get 
benefit from that. This feeds into another quote from Geoff:


  *   So the two sentences in section 3 of this draft gloss over a larger set 
of considerations. The first sentence is true, but without some associated 
estimate of WHEN such crypto-relevant quantum computers will be available 
it's a very anodyne observation. Your own need to use PQC is based on 
a) your estimate as to when such tools will be available and b) how long you 
want to maintain the integrity of privacy.

So I propose this set of minor edits to Section 3:
Cryptographically-relevant quantum computers (CRQC), once available, will have 
a huge impact on TLS traffic. To mitigate this, TLS applications will need to 
migrate to post-quantum cryptography (PQC) [PQC]. Detailed consideration of 
when any application requires PQC, or when a CRQC is a threat they need to 
protect against, is beyond the scope of this document.

For TLS it is important to note that the focus of these efforts is TLS 1.3 or 
later, and that TLS 1.2 will not be supported (see [TLS12FROZEN]). This is one 
more reason for new protocols to default to TLS 1.3, where PQC is actively 
being standardized, as this gives new applications the option to use PQC.

Which can be found at https://github.com/richsalz/draft-use-tls13/pull/5
