Hiya, On 12/02/2020 21:57, Martin Thomson wrote: > Only a few of them. Some are OK, but the number is few, I agree. I > haven't found a good summary of the second round candidates and I > don't have time to dig into all of the candidates. Fine reason to wait and see IMO.
I'd be much happier adopting this if we did that with the explicit understanding that we won't produce an RFC until the "winners" in the NIST process are known and their properties understood. (I don't mean waiting for a FIPS or formal NIST document but at least for the final announcement from their process.) If the plan were to adopt this and produce an RFC now (e.g. to mix different curves or something) then I am against that. There's no need for such combinations so the real rationale here is PQC and we (at least I, but I suspect also many IETF participants) don't know enough about the relevant algorithms yet. (And expecting us to be knowledgeable about 25+ algorithms isn't realistic.) Cheers, S.
0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls