[Cryptography] Shouldn’t root certificates switch to McEliece?
Perry E. Metzger
perry at piermont.com
Sun Sep 8 18:00:10 EDT 2019
On Sun, 08 Sep 2019 19:10:35 +0000 Ryan Carboni via cryptography
<cryptography at metzdowd.com> wrote:
> Shouldn’t root certificates switch to McEliece?
>
> Certificates are used for decades,
Certificates are not used for decades. Indeed, root keys are only
used for signing other keys and most are rotated on a reasonably
rapid basis. If someone built a quantum computer in the future, they
would be able to do very little damage by breaking an old root key
that had long since expired.
The real danger is someone breaking a key that was used for
encrypting traffic that is still relevant; secrets
might remain damaging to the people disclosing them even after
decades.
Perry
--
Perry E. Metzger perry at piermont.com
More information about the cryptography
mailing list