ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] German BSI, PQC for OpenPGP in Thunderbird,

2021-06-24 11:31:31
from [Michael Richardson] [Permanent Link] 

Derek Atkins <derek(_at_)ihtfp(_dot_)com> wrote:
    > My only concern at this point in time would be the question of what PQC
    > methods to include?  Right now there are still way too many choices,
    > and there is an expectation that NIST will reduce those choices over
    > the next 2ish years.  So does it pay to do the work now, or perhaps
    > wait a bit for Round 3 to finish, before we potentially add methods?

Reading Kai's email, my impression was that the point of the German effort is
to figure out (sooner) what changes might be needed to Thunderbird, and
perhaps, provide NIST with implementation feedback.

So, that's why they want to do the work now.

    > On Thu, June 24, 2021 9:52 am, Kai Engert wrote:
    >> Hello,
    >>
    >> I'd like to make you aware of a project call by the German BSI (a
    >> federal agency for IT security), which was brought to my attention.
    >>
    >> I've posted some information on it on the Thunderbird planning mailing
    >> list, see the following thread, which has multiple messages from me:
    >>
    >> 
https://thunderbird.topicbox.com/groups/planning/T5abbf135db2f3c1c/the-german-bsi-intends-to-sponsor-pqc-improvements-for-openpgp-in-thunderbird
    >>
    >> In my understanding they intend to pay a contractor for a wide set of
    >> tasks to bring PQC to Thunderbird, including the work to standardize
    >> the use of PQC with OpenPGP, including implementations for RNP, Botan,
    >> GnuPG and libgcrypt.
    >>
    >> It seems the BSI has already made a suggestion that they want to
    >> require the use of CRYSTALS-Kyber and -Dilithium.
    >>
    >> Is that a reasonable choice?
    >>
    >> Does it make sense to define a limitation to these methods at this
    >> point of time?
    >>
    >> Thanks Kai
    >>
    >> _______________________________________________ openpgp mailing list
    >> openpgp(_at_)ietf(_dot_)org https://www.ietf.org/mailman/listinfo/openpgp
    >>


    > --
    >        Derek Atkins 617-623-3745 derek(_at_)ihtfp(_dot_)com www.ihtfp.com 
Computer
    > and Internet Security Consultant

    > _______________________________________________ openpgp mailing list
    > openpgp(_at_)ietf(_dot_)org https://www.ietf.org/mailman/listinfo/openpgp

--
Michael Richardson <mcr+IETF(_at_)sandelman(_dot_)ca>   . o O ( IPv6 IøT 
consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide

Attachment: signature.asc
Description: PGP signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] German BSI, PQC for OpenPGP in Thunderbird,, Kai Engert
Next by Date:  Re: [openpgp] German BSI, PQC for OpenPGP in Thunderbird,, Alessandro Barenghi
Previous by Thread:  Re: [openpgp] German BSI, PQC for OpenPGP in Thunderbird,, Derek Atkins
Next by Thread:  Re: [openpgp] German BSI, PQC for OpenPGP in Thunderbird,, Daniel Kahn Gillmor
Indexes:  [Date] [Thread] [Top] [All Lists]