> The authors have conferred on this and at this time we don't think that we can recommend anything other than EC ciphers... IMHO, this is the only simple and generally implementable recommendation at this point. Cheers, Andrei -----Original Message----- From: Uta <uta-bounces@xxxxxxxx> On Behalf Of Peter Saint-Andre Sent: Saturday, July 30, 2022 12:41 PM To: Cullen Jennings <fluffy@xxxxxx>; draft-ietf-uta-rfc7525bis.all@xxxxxxxx Cc: art@xxxxxxxx; last-call@xxxxxxxx; uta@xxxxxxxx Subject: [EXTERNAL] Re: [Uta] Artart last call review of draft-ietf-uta-rfc7525bis-09 On 7/30/22 10:10 AM, Peter Saint-Andre wrote: > On 7/30/22 9:30 AM, Cullen Jennings wrote: >> >> >>> On Jul 14, 2022, at 1:13 PM, Peter Saint-Andre <stpeter@xxxxxxxxxx >>> <mailto:stpeter@xxxxxxxxxx>> wrote: >>> >>>> >>>> Given the requirements for crypto agility, I think this there >>>> should be at least one MTI algorithm that does not rely on EC. >>>> Pinning all your hopes on a single algorithm surely is not the best >>>> security advice the IETF can provide. >>>> If a EC did have a problem, clearly we would want something already >>>> build and deployed that we could switch too. >>> >>> The authors will discuss this and reply again. >> >> I just wanted to see if there were any update on this one. I think it >> is the most serious concern raised in my review. > > I think the authors might have missed this one in our work on -10. Hi again, The authors have conferred on this and at this time we don't think that we can recommend anything other than EC ciphers, for several reasons: 1. DHE negotiation is broken. 2. Static RSA is out of the question. 3. Post-quantum (PQ) methods aren't ready yet. Our forecast is that a few years from now the PQ methods will be ready for recommending in 7525ter, but for now EC is the best we can do. Peter _______________________________________________ Uta mailing list Uta@xxxxxxxx https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Futa&data=05%7C01%7CAndrei.Popov%40microsoft.com%7C9277e2d4fdf644156d8308da726399b9%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637948069552925638%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=jSUJRuOGcpU016JSV7DZmdEcltSPyIoIjaJyAU5YUWs%3D&reserved=0 -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
