Is MSAL ready for hybrid and postquantum PKI?

[3BK]

It appears that MSAL uses algorithms like RS256.

Is MSAL ready for hybrid and postquantum PKI?

references https://www.ietf.org/archive/id/draft-prorock-cose-post-quantum-signatures-01.txt https://dl.acm.org/doi/abs/10.1007/978-3-031-20974-1_20 https://paragonie.com/blog/2017/03/jwt-json-web-tokens-is-bad-standard-that-everyone-should-avoid

[SameerK-MSFT]

Interesting question. @SaeedAkhter-MSFT do you have any input on this? Thx

[bgavrilMS]

Afaik AAD only supports RSA and is building support for ECD certs, so no, no post-quantum yet.

[3BK]

It's probably a roadmap alignment "thang"

CNSA 2.0 Roadmap Software and firmware-signing

• Begin transitioning immediately
• support and prefer CNSA 2.0 by 2025, and
• exclusively use CNSA 2.0 by 2030.

Web browsers/servers and cloud services:

• Support and prefer CNSA 2.0 by 2025, and
• exclusively use CNSA 2.0 by 2033.

Operating systems:

• Support and prefer CNSA 2.0 by 2027, and
• exclusively use CNSA 2.0 by 2033.

AAD Roadmap

• https://www.microsoft.com/en-us/research/project/post-quantum-tls/ ???

[3BK]

AAD ... is building support for ECD certs,

That's hopefully a step in the right direction - towards hybrid PKI

[3BK]

Don't forget to refresh your hardware roadmap. ;)

[bgavrilMS]

Well, it's not just AAD. Clients (web sites, web apis) need to have new crypto stacks to be able to request tokens using signed assertions (a signed assertion is just another JWT, but one that the client generates). And RPs need to have it as well, to be able to verify signatures....

[3BK]

Agreed. Hybrid (and/or post quantum) are substantial changes. (Probably driven by Balanced Scorecard goals.)