Re: [Pqc] Mapping the state of PQC and IETF - ssh
Alexandre Petrescu <alexandre.petrescu@gmail.com> Fri, 10 March 2023 13:47 UTC
Return-Path: <alexandre.petrescu@gmail.com>
X-Original-To: pqc@ietfa.amsl.com
Delivered-To: pqc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 708E5C17B359 for <pqc@ietfa.amsl.com>; Fri, 10 Mar 2023 05:47:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.632
X-Spam-Level:
X-Spam-Status: No, score=-1.632 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FORGED_GMAIL_RCVD=1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.001, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MkLAEpwW0DCk for <pqc@ietfa.amsl.com>; Fri, 10 Mar 2023 05:46:58 -0800 (PST)
Received: from cirse-smtp-out.extra.cea.fr (cirse-smtp-out.extra.cea.fr [132.167.192.148]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1DBE1C14F749 for <pqc@ietf.org>; Fri, 10 Mar 2023 05:46:57 -0800 (PST)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by cirse-sys.extra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id 32ADkt2i034318 for <pqc@ietf.org>; Fri, 10 Mar 2023 14:46:55 +0100
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 80BBA205C1A for <pqc@ietf.org>; Fri, 10 Mar 2023 14:46:55 +0100 (CET)
Received: from muguet2-smtp-out.intra.cea.fr (muguet2-smtp-out.intra.cea.fr [132.166.192.13]) by pisaure.intra.cea.fr (Postfix) with ESMTP id 76304205841 for <pqc@ietf.org>; Fri, 10 Mar 2023 14:46:55 +0100 (CET)
Received: from [10.8.32.70] (is156570.intra.cea.fr [10.8.32.70]) by muguet2-sys.intra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id 32ADktsS019574 for <pqc@ietf.org>; Fri, 10 Mar 2023 14:46:55 +0100
Message-ID: <b086d1fb-c8a6-80df-320e-cd92e7ec2602@gmail.com>
Date: Fri, 10 Mar 2023 14:46:55 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0
Content-Language: fr
To: pqc@ietf.org
References: <20230303112532.1126239.qmail@cr.yp.to>
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
In-Reply-To: <20230303112532.1126239.qmail@cr.yp.to>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/pqc/vnTwb0oqJPD8cWePRmIPhD_TnAM>
Subject: Re: [Pqc] Mapping the state of PQC and IETF - ssh
X-BeenThere: pqc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Post Quantum Cryptography discussion list <pqc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pqc>, <mailto:pqc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pqc/>
List-Post: <mailto:pqc@ietf.org>
List-Help: <mailto:pqc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pqc>, <mailto:pqc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Mar 2023 13:47:03 -0000
Le 03/03/2023 à 12:25, D. J. Bernstein a écrit : [...] > my recommendation is to proceed with immediate post-quantum > deployment, obviously using open-source software! But how about openssh saying "WE DO NOT RECOMMEND RELYING ON THIS FORK IN A PRODUCTION ENVIRONMENT OR TO PROTECT ANY SENSITIVE DATA"? at https://github.com/open-quantum-safe/openssl Is that capitalized warning something like BSD's capitalized 'NO WARRANTY' that one is used to? Or is it more than that? I am more and more facing oppinions saying that it [risks of not using stronger crypto like NIST's or ssh's] is not a real problem, for reason X and Y, where X and Y are that quantum computers are for later, quantum networking is a just theory, quantum crypto is at risk more than existing crypto facing traditional but increasingly more powerful computers, that nobody broke 3DES anyways, that novel quantum-resistant crypto algos are falling apart one after another, that lengthening the keys of existing algos is sufficient for more robustness, that the RSA conference said this or that, etc. To me, I rather think that _everything_ is at risk until migration to quantum-resistance is performed. That includes quirky things like https to more mundane concepts like simply SIM cards or simply ecommerce or bank transactions or health record data management - everything. It's like something that has started and can no longer be stopped. The migration, transition, that is. I dont want to scare anyone, it is just an intermediary step. It is not my kind to be FUD or paranoid. I am not really an expert on the crypto matters anyways. Alex
- [Pqc] Mapping the state of PQC and IETF Sofía Celi
- Re: [Pqc] [Ext] Mapping the state of PQC and IETF Paul Hoffman
- Re: [Pqc] [Ext] Mapping the state of PQC and IETF Alexandre Petrescu
- Re: [Pqc] [Ext] Mapping the state of PQC and IETF Behcet Sarikaya
- Re: [Pqc] Mapping the state of PQC and IETF Rebecca Guthrie
- Re: [Pqc] [Ext] Mapping the state of PQC and IETF Paul Hoffman
- Re: [Pqc] Mapping the state of PQC and IETF John Gray
- Re: [Pqc] [EXTERNAL] Mapping the state of PQC and… Mike Ounsworth
- Re: [Pqc] [EXTERNAL] Mapping the state of PQC and… Mike Ounsworth
- Re: [Pqc] [Ext] [EXTERNAL] Mapping the state of P… Paul Hoffman
- Re: [Pqc] [EXTERNAL] Mapping the state of PQC and… Hannes Tschofenig
- Re: [Pqc] Mapping the state of PQC and IETF Kampanakis, Panos
- Re: [Pqc] Mapping the state of PQC and IETF Hannes Tschofenig
- Re: [Pqc] [EXTERNAL] Mapping the state of PQC and… Alexandre Petrescu
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Kampanakis, Panos
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Bas Westerbaan
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Kampanakis, Panos
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Behcet Sarikaya
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Bas Westerbaan
- Re: [Pqc] Mapping the state of PQC and IETF Sofía Celi
- Re: [Pqc] [Ext] [EXTERNAL] Mapping the state of P… Sofía Celi
- Re: [Pqc] Mapping the state of PQC and IETF Sofía Celi
- Re: [Pqc] [Ext] [EXTERNAL] Mapping the state of P… Mike Ounsworth
- Re: [Pqc] Mapping the state of PQC and IETF - ssh D. J. Bernstein
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Eric Rescorla
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Alexandre Petrescu
- Re: [Pqc] Mapping the state of PQC and IETF - ssh D. J. Bernstein
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Alexandre Petrescu
- Re: [Pqc] Mapping the state of PQC and IETF - ssh D. J. Bernstein
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Blumenthal, Uri - 0553 - MITLL
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Alexandre Petrescu
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Thom Wiggers
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Alexandre Petrescu
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Thom Wiggers
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Behcet Sarikaya
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Alexandre Petrescu