Post-Quantum Signatures · Issue #118 · fedi-e2ee/public-key-directory-specification

In #35, I ruled that there was no immediate need for post-quantum signatures. I had evaluated ML-DSA, HashML-DSA, and hybrid constructions (i.e., with Ed25519). Recently, there has been a bunch of ...

@soatok It seems a bit shortsighted to rule out the hybrid option, merely because some people were rude about it. I would rather judge technology on its merit.

@a51c Fuck off with that "because they were rude" nonsense.

I have sound technical reasons for trusting non-hybrid PQ signatures enough to deploy them today.

People I deeply respect weren't "rude to", they were downright fucking harassed over this shit in ways that the public doesn't know, all because some limpdick techbros got a wild hair up their ass and decided to moral crusade against the wrong target, and many of them riled up a peanut gallery of poorly informed jerks to compound that into a death by a thousand cuts harangue.

Then, when one of the people provoking the whole mess finally gets moderated by the mailing list, their lackeys try to flood the forum with the most tedious "I'm a rules lawyer at D&D" bullshit I've ever seen.

I will hear none from that crowd after the damage they've done. Fuck em and everything they stand for.

@soatok I think ML-DSA-44 is a fine choice. As long as there’s algorithm agility in the system.

@chrisvest Algorithm agility will be achieved by "versioned protocols".

The protocol versions will allow only one cryptography algorithm per version.

The implementation details here are whether v1 should remain ed25519 (since this isn't deployed anywhere yet) or mldsa44.

I expect v2 (circa 2030?) will use one of these: https://csrc.nist.gov/projects/pqc-dig-sig/round-2-additional-signatures

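The "one algorithm per protocol version, no in-band negotiation" design from the comment above, as an added illustration. This is example code written for this page, not code from the public-key-directory specification or its repository. Everything concrete in it is an assumption: the version byte values (0x01 for Ed25519, 0x02 reserved for ML-DSA-44), the `version || signature` envelope layout, the context label mixed into the signed bytes, and the fact that v2 is only recognised rather than implemented, because Go's standard library ships Ed25519 but no ML-DSA.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Protocol versions. Each version pins exactly one signature algorithm;
// nothing is negotiated in-band. Both byte values are assumptions made for
// this example, not identifiers from the specification.
const (
	VersionV1 byte = 0x01 // assumed v1: Ed25519
	VersionV2 byte = 0x02 // assumed v2: ML-DSA-44 (recognised only; Go's stdlib has no ML-DSA)
)

var (
	ErrUnknownVersion  = errors.New("unsupported protocol version")
	ErrVersionMismatch = errors.New("envelope version does not match the protocol version in use")
	ErrUnimplemented   = errors.New("version recognised but its algorithm is not available in this build")
	ErrMalformed       = errors.New("malformed signature envelope")
	ErrBadSignature    = errors.New("signature verification failed")
)

// signingInput domain-separates the signed bytes with a constructed context
// label plus the version byte, so a signature made under one version can
// never be presented as a signature over the same message under another.
func signingInput(version byte, msg []byte) []byte {
	var b bytes.Buffer
	b.WriteString("example-pkd-signature-v") // constructed label, not from the spec
	b.WriteByte(version)
	b.Write(msg)
	return b.Bytes()
}

// Sign produces an envelope of the form: version byte || raw signature.
func Sign(version byte, priv []byte, msg []byte) ([]byte, error) {
	switch version {
	case VersionV1:
		if len(priv) != ed25519.PrivateKeySize {
			return nil, ErrMalformed
		}
		sig := ed25519.Sign(ed25519.PrivateKey(priv), signingInput(version, msg))
		return append([]byte{version}, sig...), nil
	case VersionV2:
		return nil, ErrUnimplemented
	default:
		return nil, ErrUnknownVersion
	}
}

// Verify checks an envelope against the single protocol version the verifier
// is configured for. An envelope carrying any other version is rejected even
// when that version's algorithm is known, which is what keeps "one algorithm
// per version" from quietly turning into negotiation.
func Verify(version byte, pub []byte, msg, envelope []byte) error {
	if len(envelope) < 1 {
		return ErrMalformed
	}
	if envelope[0] != version {
		return ErrVersionMismatch
	}
	switch version {
	case VersionV1:
		sig := envelope[1:]
		if len(pub) != ed25519.PublicKeySize || len(sig) != ed25519.SignatureSize {
			return ErrMalformed
		}
		if !ed25519.Verify(ed25519.PublicKey(pub), signingInput(version, msg), sig) {
			return ErrBadSignature
		}
		return nil
	case VersionV2:
		return ErrUnimplemented
	default:
		return ErrUnknownVersion
	}
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	msg := []byte("constructed sample message") // constructed input
	env, err := Sign(VersionV1, priv, msg)
	if err != nil {
		panic(err)
	}
	fmt.Println("v1 verify:", Verify(VersionV1, pub, msg, env))
	relabelled := append([]byte{VersionV2}, env[1:]...) // same signature, v2 label
	fmt.Println("relabelled as v2, verifier on v1:", Verify(VersionV1, pub, msg, relabelled))
	fmt.Println("relabelled as v2, verifier on v2:", Verify(VersionV2, pub, msg, relabelled))
	_, err = Sign(0x07, priv, msg)
	fmt.Println("unknown version:", err)
}
```

The point of passing the configured `version` into `Verify` rather than trusting the envelope's own byte is that the directory's operating version is policy, not data: a verifier that dispatched on whatever byte arrived would accept a v1 signature long after v2 became mandatory.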