[Servercert-wg] [cabfpub] Interest in Ed25519 and/or Ed448?
Ryan Sleevi
sleevi at google.com
Thu Mar 26 11:56:16 MST 2020
On Thu, Mar 26, 2020 at 1:40 PM Kurt Roeckx <kurt at roeckx.be> wrote:
> Ed25519 and Ed448 are not new. They exist now, have many
> implementations. It does not require a huge amount of research
> or effort to implement it. And it's a clear improvement over
> the currently supported algorithms.
>
Hi Kurt,
Of course they're new (to be permitted), or we wouldn't be having this
discussion. And they're not a clear improvement over the currently
supported algorithms, or else they'd be PQ. I realize we'll likely disagree
on both of these points, but frankly, the incremental value these
algorithms provide (assuming you don't believe I'm an NSA mole hired to
shill for P-256) is not worth the significant effort involved. You've
shifted the argument somewhat, in that it's ignoring the previous remarks
pointing out the dependencies and challenges, so I doubt there's much more
useful discussion to be had here. Switching to Ed25519/Ed448 for leaf
certificates only doesn't achieve any of the necessary security
improvements, and switching for intermediates simply does not provide the
necessary trust assurances regarding key generation and protection. This
hasn't changed since that previous discussion in any meaningful sense, so
the "appeal to security" is misleading, at best.
> You're waiting for something that will probably take 10 years
> before people think we're ready to switch to it. I consider that
> 10 year to a realistic one estimate.
I don't consider it a realistic estimate, because the substantive
challenges to be addressed are issues to be solved now, in order to prepare
for a shift. If effort is going to be spent on implementations and
interoperability, it'd be better to have that spent towards hybrid schemes
and agility in the ecosystem. The former is not well suited for this Forum,
given the technical nature of these problems, while the latter is, because
these are ecosystem issues. In this regard, improved certificate profiles
that facilitate agility are the important problem.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20200326/815c024f/attachment.html>
More information about the Servercert-wg
mailing list