pmatilai
commented
2 weeks ago AFAICS SHA-3 in rpm-sequoia depends on the crypto-refresh branch to land in main Sequoia first.
Open pmatilai opened 2 weeks ago
pmatilai
commented
2 weeks ago AFAICS SHA-3 in rpm-sequoia depends on the crypto-refresh branch to land in main Sequoia first.
nwalfield
commented
2 weeks ago That's correct. We plan to add support for 9580 to sequoia-openpgp 2.0, which is due out early next year. Note: 2.0 will not include support for PQC, because it is not yet standardized.
pmatilai
commented
2 weeks ago Nothing in rpm v6 depends on SHA-3 so this isn't timing critical for us, it's more of a "HDTV-ready" type of thing :smile:
The post-quantum signatures are all SHA-3 based, rpm needs to recognize them. As the actual crypto comes from rpm-sequoia or rpmpgp_legacy, the rpm side of this is little more than adding a couple of enums but it still needs to be done.
Besides PQ signatures, we'll want to be able to move to stronger digest for our own purposes too, sooner or later.