Epic Goal

• Evaluate and mitigate the potential risks and vulnerabilities introduced by quantum computing to the OpenShift Pipelines cryptographic Operations

Why is this important?

Most regulatory bodies (NIST, NSA, DHS, ENISA) expect quantum computers big enough to break currently used cryptographic algorithms within a few decades, thus recommend or require finishing migration to algorithms secure against quantum computers in the next 7 to 10 years

Scenarios

• Identify cryptographic operations, libraries, and algorithms used in OpenShift Pipelines.

• Analyze potential vulnerabilities.

• Develop a migration strategy aligned with general OpenShift products.

• Implement the migration plan.

Acceptance Criteria (Mandatory)

• CI - MUST be running successfully with tests automated
• Release Technical Enablement - Provide necessary release enablement details and documents.
• ...

Dependencies (internal and external)

1. ...

Previous Work (Optional):

1. …

Open questions::

1. …

Done Checklist

• Acceptance criteria are met
• Non-functional properties of the Feature have been validated (such as performance, resource, UX, security or privacy aspects)
• User Journey automation is delivered
• Support and SRE teams are provided with enough skills to support the feature in production environment