On 7/30/22 9:30 AM, Cullen Jennings wrote:
On Jul 14, 2022, at 1:13 PM, Peter Saint-Andre <stpeter@xxxxxxxxxx
<mailto:stpeter@xxxxxxxxxx>> wrote:
Given the requirements for crypto agility, I think this there should
be at
least one MTI algorithm that does not rely on EC. Pinning all your
hopes on a
single algorithm surely is not the best security advice the IETF can
provide.
If a EC did have a problem, clearly we would want something already
build and
deployed that we could switch too.
The authors will discuss this and reply again.
I just wanted to see if there were any update on this one. I think it is
the most serious concern raised in my review.
I think the authors might have missed this one in our work on -10. I've
opened a new tracking issue here:
https://github.com/yaronf/I-D/issues/474
Peter
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
