Ondřej Surý <[email protected]> writes: > The malicious server can just say "nope, this is new".
Agreed, it does not prevent someone in the middle from doing what we're already heading to: TCP always and all data always. That wasn't the point. 90% of the requests that would be transmitted over TCP every 5 minutes. If someone the middle really wanted that to continue, I agree you're stuck. But if most of the parties on the planet do play nicely (and most do) then we can greatly reduce the potential traffic levels. > I believe it is dangerous to say "it is ok to deploy PQC algorithms with > large signatures" because we have these optimizations. I don't think I ever said that. > The fact is that we either need a PQC algorithm that will be > size-suitable for DNS or we will have to brace for the impact of > completely switching to TCP. The top of my document lays out an argument that: 1. we better accept TCP is coming 2. but we may try to reduce the amount of traffic we do send to mitigate some of that impact. -- Wes Hardaker Google _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
