|
I think it is problematic that the registration procedure for "Key Exchange Method Names" is "IETF Review". Most of the registries are strings so there is no limit to the number
of code points.
It would have been good if draft-josefsson-ntruprime-ssh could have made the registration. - I don't think IETF should
reopen CURDLE for registering NTRU Prime. - I do think IETF should
reopen CURDLE for registering the standardized NIST algorithms. - I think IETF should change the registration policies for the SSH registries.
>It doesn't work -- sntrup761 is used widely on the Internet today and >will continue to be used. What decision could NIST make that would >affect anything for sntrup761x25519-sha512? The algorithm has been >stable since 2017. Deferring publication of protocol specifications >until some external organization has made some unrelated decision is an >active decision that is harmful to Internet security, in my opinion. >Organization will continue to harvest data that will be decrypted in the >future, and this is contrary to the goals of the IETF. It is similar to >say that we shouldn't have published Curve25519 because it wasn't >published by NIST. Or ChaCha20. Or TLS 1.3. Or OpenPGP. Or just >about anything that the IETF has ever published. I think SSH in the future should move to the final NIST standards. This is not similar to Curve25519 and ChaCha20. They were both published by CFRG. There is a huge
difference between an academic paper describing a new algorithms
and
interoperable specifications like the ones
produced by CFRG. Cheers, John From:
Curdle <curdle-bounces%ietf.org@localhost> on behalf of Niels Möller <nisse%lysator.liu.se@localhost> Simon Josefsson <simon%josefsson.org@localhost> writes: |