[Openid-specs-fapi] Issue #748: FAPI & Post-quantum cryptography (openid/fapi)

josephheenan issues-reply at bitbucket.org
Tue Jul 8 07:55:03 UTC 2025


New issue 748: FAPI & Post-quantum cryptography
https://bitbucket.org/openid/fapi/issues/748/fapi-post-quantum-cryptography

Joseph Heenan:

At some point we need to communicate the FAPI WG thoughts on post-quantum.

A quick set of thoughts:

1. TLS 1.3 (or later) will be required for post-quantum so we probably want to add a recommendation around moving off TLS 1.2 at some point
2. For TLS, FAPI2 already references BCP195 (TLS BCP) which you presume would be updated when good post-quantum advice is available, so we may not need to do anything other than keep an eye on the situation.
3. For JWS/JWE there is post quantum work progressing at IETF (but I guess is at least a year away from becoming an RFC), we need to plan for updating [https://openid.net/specs/fapi-security-profile-2_0-final.html#section-5.4.1](https://openid.net/specs/fapi-security-profile-2_0-final.html#section-5.4.1) at some point - assuming the first step is allowing post-quantum in addition to existing algs I guess that would mean a FAPI 2.1 in maybe 2 years time. (I guess a version of FAPI that required the use of post-quantum, and hence disallowed the existing pre-quantum algs, would count as a breaking change so might need to be a FAPI 3.0 revision?)




