I personally think this point is important enough to be made explicitly instead of implicitly.
If we want to communicate loudly and clearly that post-quantum cryptography is NEVER coming to TLS 1.2, we need to explicitly say that. Otherwise people will say “I know you said TLS 1.2 was frozen, but post-quantum cryptography isn’t a feature, it’s a critical security vulnerability that needs to be patched regardless of any freezes.” The answer will be and needs to be: “No, we told you clearly and explicitly that post-quantum cryptography would require moving to TLS 1.3 or later”. -Tim From: TLS <tls-boun...@ietf.org> On Behalf Of Hannes Tschofenig Sent: Monday, December 11, 2023 12:06 PM To: Salz, Rich <rsalz=40akamai....@dmarc.ietf.org>; Hannes Tschofenig <hannes.tschofenig=40gmx....@dmarc.ietf.org>; Bas Westerbaan <bas=40cloudflare....@dmarc.ietf.org>; Deirdre Connolly <durumcrustu...@gmail.com> Cc: TLS@ietf.org Subject: Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze' Hi Rich, that is implied by a "feature freeze". No reason to highlight PQC (even though it is a hype topic right now). Ciao Hannes Am 11.12.2023 um 17:18 schrieb Salz, Rich: 1. I consider Section 3 "Implications for post-quantum cryptography" misplaced. I suggest to delete the section 2. The motivation for the draft is unrelated to developments with PQC. The point is to explain to people that we are going to need PQ crypto, and it *will not be a 1.2 enhancement* _______________________________________________ TLS mailing list TLS@ietf.org <mailto:TLS@ietf.org> https://www.ietf.org/mailman/listinfo/tls
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls