@FiloSottile elsewhere / Cryptogopher / Go crypto maintainer / Professional Open Source maintainer / RC F'13, F2'17 https:// mkcert.dev / https:// age-encryption.org / https:// filippo.io/newsletter 🕳️ “Gaze not into the abyss, lest you become recognized as an abyss domain expert, and they expect you keep gazing into the damn thing.” — @ nickm
@FiloSottile elsewhere / Cryptogopher / Go crypto maintainer / Professional Open Source maintainer / RC F'13, F2'17 https:// mkcert.dev / https:// age-encryption.org / https:// filippo.io/newsletter 🕳️ “Gaze not into the abyss, lest you become recognized as an abyss domain expert, and they expect you keep gazing into the damn thing.” — @ nickm
Last year, my position was that we still had time to design PQ authentication mechanisms.
Now, based on the pace of progress and on statements like Google's, I believe:
1. we need to finish rolling out PQ key exchange yesterday
2. we need to start rolling out PQ auth now
3. it's too late to ship any new non-PQ design or system
https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/
Loading comments...