On 1/7/25 12:37 PM, Taavi Eomäe wrote:
It sounds rather important to start with the process sooner rather
than later as a few governments have announced their plans to fully
migrate to post-quantum cryptography quite soon.
NIST wants to deprecate digital signature algorithms that offer less
than 128 bits of security by 2030. That means for example 2048-bit
RSA. The next step is disallowing RSA, ECDSA, EdDSA and SHA-256 by the
year 2035.¹ Even if they offer more than 128 bits of security. The
Australian government has made similar announcements with the deadline
being the year 2030.²
Has NIST given a timeline of when they are going to pick the quantum
resistant algorithm? I suppose if it's far enough out, it might be
worthwhile to wait, but on the other hand figuring out a transition
sooner rather than later might be good.
Mike
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
