-
Initiative
-
Resolution: Unresolved
-
Major
-
None
-
None
Feature Overview (aka. Goal Summary)
Evaluate the tasks associated with implementation of Post-Quantum Cryptography (PQC) across OpenShift Hosted Control Planes components for planning purposes.
Goals (aka. expected user outcomes)
Thorough understanding of what OpenShift Hosted Control Planes is required to do for integration of PQC ciphers across OpenShift Hosted Control Planes components (e.g. IPsec) for the purposes of roadmap planning of action items in 4.21 and 4.22.
Requirements (aka. Acceptance Criteria):
- A list of impacted networking features and the responsible networking team
- For each impacted feature, a list of work required and OpenShift release at which it must be completed (starting at 4.21)
| Deployment considerations | List applicable specific needs (N/A = not applicable) |
| Self-managed, managed, or both | |
| Classic (standalone cluster) | |
| Hosted control planes | |
| Multi node, Compact (three node), or Single node (SNO), or all | |
| Connected / Restricted Network | |
| Architectures, e.g. x86_x64, ARM (aarch64), IBM Power (ppc64le), and IBM Z (s390x) | |
| Operator compatibility | |
| Backport needed (list applicable versions) | |
| UI need (e.g. OpenShift Console, dynamic plugin, OCM) | |
| Other (please specify) |
Questions to Answer (Optional):
Out of Scope
Background
- “If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems currently in use. This would seriously compromise the confidentiality and integrity of digital communications on the Internet and elsewhere. The goal of post-quantum cryptography (also called quantum-resistant cryptography) is to develop cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks.” ([Source|https://csrc.nist.gov/Projects/post-quantum-cryptography)]