Hi, A few months ago, Tiru and I published a draft [1] whose goal is to minimize rollback attacks while the Internet is slowly migrating from classic to PQC (or composite) certificates.
It seems that the TLS WG is now ready to turn its attention to PQ resistant signatures, and we would like to present the draft at the upcoming IETF-125. If anybody has had a chance to read the draft in the meantime, we would appreciate your feedback. People might also want to refer to the earlier discussion on this list [2]. Thanks, Yaron [1] https://datatracker.ietf.org/doc/draft-sheffer-tls-pqc-continuity/ [2] https://mailarchive.ietf.org/arch/msg/tls/qfmTs0dFq-79aJOkKysIP_3KhEI/
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
