The title is vague, my first thought was "We already have MLKEM". Which is enough against passive attackers.
The article apparently is about the CA/certs for authenticating the server, a part of HTTPS
utopiah 5 hours ago [-]
FWIW if you want to tinker on the topic I recommend OQS https://github.com/open-quantum-safe/ including Chromium, Apache, nginx, curl, etc. It's quite fun to play with.
boutell 4 hours ago [-]
The pivot to MTC is a big change in the infrastructure of https. I wish other browsers were at least mentioned in this blog post. I'm curious about the future of letsencrypt as well.
utopiah 2 hours ago [-]
Discussed few weeks ago on https://community.letsencrypt.org/t/post-quantum-crypto-road... specifically "The path we're more interested in is Merkle Tree Certificates, currently in design at the PLANTS working group at IETF. Chrome has indicated that they anticipate this to be their preferred approach to PQC. We're following that very closely, and are likely to deploy MTCs if it looks like that design is going to be supported widely." according to Matthew McPherrin, Let's Encrypt staff
westurner 30 minutes ago [-]
There are also Merkle ladders.
What is the difference between a Merkle Tree Certificate and a Merkle Ladder?
Is this correct?:
Without Merkle Tree Certificates, the per keypress overhead for e.g. jupyter_server would be something like 3.3 KB due to the PQ signatures.
Rendered at 15:36:00 GMT+0000 (Coordinated Universal Time) with Vercel.
The article apparently is about the CA/certs for authenticating the server, a part of HTTPS
What is the difference between a Merkle Tree Certificate and a Merkle Ladder?
Is this correct?:
Without Merkle Tree Certificates, the per keypress overhead for e.g. jupyter_server would be something like 3.3 KB due to the PQ signatures.