Mikalai

@mikalai@privacysafe.social

Replying to an earlier post

@rsalz @letoams
Physics and math.
It is you okay-ing something pq-only, while there are no quantum computers. We only ask you not do it, and to apply some conservative approach IETF has, i.e. hybrid crypto systems, to RECOMENDED=N items.
You are expected to show a physical real quantum computer with enough qubits, 256 * error correction all in superposition operatable over long enough time, before we can start pq-only standards publications.

@djb @eff @pluralistic

Replying to an earlier post

@filippo @matthew_d_green
Given have furious IETF WG chairs are at pushing pq-only, RECOMENDED=N item, bet should be in pointing students to looking/poking/hacking pushed algo(s).

RECOMENDED=N was a publishing place in 1980s-90s. But in 2026 anyone can publish on sites. While IETF stuff will be taken as gosspel, by devs ... like myself. And that may be a vector. So, make students look.

Yes @filippo
True academic bets with student time, not money. May be you never had this perspective. 😉

Replying to an earlier post

@rsalz
Are you suggesting, that
(1) as a chair in IETF WG,
(2) given @letoams mentioning that IETF position is to recommend hybrid crypto approach,
(3) now being aware that RECOMMENDED=N will be overlooked, almost certainly, espesially with parallel recomendations/mandates from government(s),
(4) you want to shift any responsibility, and future blame, on unsuspecting CSO's and developers? Knowing that they will be squizeed by your IETF stuff, and aforementioned requirements.

@djb

Replying to an earlier post

@letoams
Let's imagine you push this through. Then there will be push, for efficiency of course, to drop hybrid approach everywhere. Eventually, likes of Signal will be using only new pq algos, without adding proven encryption.

Would you make an official statement that you personally will appologize, if/when new algos and emplementation(s) found to have a bug.
Would you also pay appropriate ensurance.

As IETF you push this.
But I, as CSO will be responsible, when bugs are found.

@djb

Replying to an earlier post

@letoams
Than you have a higher risk tolerance.
But your decision will have repercussions to all of us.
Hence, begging for more conservatism, i.e. no pure-pq anything till quantum computers actually materialize.

I, personally, had a glass of vine at IQC opening, 24-25 years ago. Institute for Quantum Computation. It was well after refactoring 15 by IBM. Still waiting for miracle. I mean, by now it feels like miracle/mirage.

@djb @pluralistic @eff

Replying to @mikalai@privacysafe.social

@letoams
And also, want to reiterate (noting your rethorical skill to draw attention from important points, by quick summarization) you, IETF make something, then world around implents following trust in you, but when bugs in pq are found, and there is no non-pq, CSO's like me will be blamed.
I want this responsibility shift to be clearly recognized.
Please, don't be ignorant of this effect.
Now, in a big company, CSO may survive. Small company will be eaten by big one.

@djb @pluralistic @eff

Replying to an earlier post

@letoams
My main point is that till there are actual quantum computers, not having non-pq is irresponsible.
Also, calling a consensus on split decisions, without providing details in the same sentence, is missleading.
@djb is right on this.

At this point, clearly you are attempting to play the fact that your are more detailed in minutia of IETF. It feels that way. I respectfully decline invitation. It is Saturday, and it feels that IETF is not a friend. Yaks.

@pluralistic @eff

Replying to an earlier post

@rsalz @letoams
And failed to convince you to take public's desires to heart. 🤷‍♂️

This whole long interaction period shows how you guys do provoke ad-homini slippery sidelines, where people predictably slip.
So, if @djb was crazed, its really your hand job. Seriously.
My personal view, expectation was that you are more scientist and engineers, and have stance in line with RFC 8890. But, but.

@pluralistic @eff

Replying to an earlier post

@rsalz
@letoams
This week I had a conversation about needing to implement pq, cause government something-something.
People at large, ok, leaders at large don't know about not-recommended yet RFC, that it is a thing.
You overestimate outside having nuances about your process, and underestimate outsider's trust in you.

Yes, you can functionaly hide behind RECOMMENDED=N.
But, please discourage publishing of stuff IETF doesn't recommend. Stakes are too high here.

@pluralistic @eff