Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Prepare for Quantum Computing #85
With the upcoming threat of Quantum Computing and how we think to get over it there are a few new requirements for the TLS Pool. They are not too compex, because the TLS work is delegated to an existing stack.
Requirements in the Config File
We should add an entry to the config file, like like:
These flags will impact the cipher suites that are acceptable on the TLS Pool that sees them. This may seriously impact the number of successful connections that can be successfully constructed, but the flags allow some degree of pushiness among administrators.
Even without these flags, it is a good idea to place cipher suites that protect against Quantum Computers before those that do not. When they are available, they should be opportunistically selected.
Dynamic Control in Validation Expressions
On top of this, we should probably include flags in the validation expressions, like perhaps:
This option allows administrators to dynamically control quantum proofing for individual trust relations.
The process describes a four-stage adoptance plan for Quantum Proof TLS. We hope to do this so gradually that users will not want to override it. The danger lies in the remote peers that might not be good netizens. These present a choice to the admin: avoid complaints by individual users visiting such old sites, or avoid the traffic being tapped?
The phases are:
The whole idea is to gently guide the operator into the PQ realm without taking away their choice.