- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Wed, 25 May 2022 18:16:28 -0400
- To: public-credentials@w3.org
On 5/25/22 1:28 PM, Shawn Butterfield wrote:
> It comes down to making commitments to customers now that create the best
> fit for their needs in the future. Ed25519 infra provider support needs to
> happen before we can build enterprise-grade platform support around it.

+1 Shawn... and one of the most frustrating aspects of what we do here is looking at what's NIST approved and wondering which decade we'll actually be able to offer it to our customers. That Ed25519 is FIPS 186-5 compliant (but only in the Draft!) was a hollow victory... 'cause it'll be years before a certified HSM makes its way through the process (maybe!? who knows!?)

Christopher, having engaged with a fair number of corporate customers, as you have... what Shawn says resonates. At some level, NIST's cryptography review process is broken and can't seem to keep up with modern cryptography (or has no easy process for doing so)... on the other hand, perhaps they're going at just the right speed (but I doubt it).

When you have Intel putting Direct Anonymous Attestation into their CPUs since 2014 and shipping 2.4B devices with Enhanced Privacy ID (EPID)... and you see no mention of this from NIST (perhaps I missed the memo?) -- it really points out that something is wrong.

That said, enterprises tend to adopt new crypto at a much more rapid pace... WAAY before government. Folks like Intel, Cisco, etc. can't wait for the government to play catch up.

The whole security approach/model seems wrong... much like the way a lot of industry security auditing is done (which focuses more on if you have a documented process that's auditable than your ability to be responsive to catastrophic security failures, for example).

"Sure, we have cryptographic agility... but our customer only really tested with secp256r1, and we're pretty sure if that's compromised, we couldn't roll back to RSASSA-PSS if we wanted to because it'll break half the ecosystem!"

There is a bit of security theatre going on in large enterprises and government. There is no insistence that part of the acceptance criteria is to demonstrate support for cryptographic agility not only at the product level, but the ecosystem level as well. The latter is the hard work that tends to not happen... at least, that has been our experience.

-- manu

--
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
News: Digital Bazaar Announces New Case Studies (2021)
https://www.digitalbazaar.com/
Received on Wednesday, 25 May 2022 22:16:45 UTC