The IRTF's CFRG [1] are at the beginning of considering PQC so I'd say discussion would be much better off there and not (yet) in the IETF. IMO none of the PQC schemes are ready for prime-time right now, so CFRG is a much better venue.
Cheers, S. [1] https://irtf.org/cfrg On 01/02/16 09:50, Antonio Sanso wrote: > ops it look like I kind of fat fingered , meant > > A quantum computer will break totally this (thanks to Shor's algorithm). > > On Feb 1, 2016, at 10:27 AM, Antonio Sanso <[email protected]> wrote: > >> hi *, >> >> I know that this might sounds a bit crazy but I think that is time to kind >> of think about Post Quantum Cryptography (and JOSE should not be left out). >> But let me rewind a bit. >> According to the last research (done from IBM et al) and NSA suggestions, >> having a quantum computer is “only” 8/15 years from now (maybe earlier) >> Taking as example JWS it support RSA signature. A quantum computer will >> break computer will break totally this (thanks to Show algorithms). >> Thinking about start to expand JWS specification to use some of the PQC is >> not so inimmaginable IMHO. >> For example having JWS supporting Hash based signatures would be a great >> move (always IMHO :)) for JOSE and JWS. >> >> WDYT? >> >> antonio >> >> P.S. a great post about Hash based signatures and Merkle tree is at >> https://www.imperialviolet.org/2013/07/18/hashsig.html >> _______________________________________________ >> jose mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/jose > > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose > _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
