[TLS] Re: [External⚠️] Re: [EXT] Re: [EXTERNAL] Re: Dual certificates in TLS proposal

[Yaroslav Rosomakho]

Because it won’t require running a zoo of PKIs. Ideally just two - classic and pure PQ with eventual convergence on the latter. -yaroslav  On 19 Jun 2025, at 01:51, Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu> wrote: And you want a composite signature in TLS - why? — Regards, Uri Secure Resilient Systems and Technologies MIT Lincoln Laboratory On Jun 18, 2025, at 19:48, Yaroslav Rosomakho <yrosoma...@zscaler.com> wrote:  On Thu, Jun 19, 2025 at 1: 33 AM Watson Ladd <watsonbladd@ gmail. com> wrote: On Wed, Jun 18, 2025, 4: 30 PM Yaroslav Rosomakho <yrosomakho@ zscaler. com> wrote: One of the key use cases is to simplify PKI architectures for closed environments ZjQcmQRYFpfptBannerStart This Message Is From an External Sender This message came from outside the Laboratory.   ZjQcmQRYFpfptBannerEnd On Thu, Jun 19, 2025 at 1:33 AM Watson Ladd <watsonbl...@gmail.com> wrote: On Wed, Jun 18, 2025, 4:30 PM Yaroslav Rosomakho <yrosoma...@zscaler.com> wrote: One of the key use cases is to simplify PKI architectures for closed environments that will have to deal with a mix of clients. Transition from RSA to ECDSA required two end-entity certificates and did not have to touch the rest of the certificate chain. Why does this draft make that simpler? It envisions two separate chains. Same as with using the existing negotiating mechanisms. With a composite certificate approach two separate chains are sufficient only if one serves classic-only clients and composite-only clients that are compatible with a given choice of composites. PQ-only clients or clients with other opinions about components of PQ/T will require an additional chain for every variation. -yaroslav This communication (including any attachments) is intended for the sole use of the intended recipient and may contain confidential, non-public, and/or privileged material. Use, distribution, or reproduction of this communication by unintended recipients is not authorized. If you received this communication in error, please immediately notify the sender and then delete all copies of this communication from your system. This communication (including any attachments) is intended for the sole use of the intended recipient and may contain confidential, non-public, and/or privileged material. Use, distribution, or reproduction of this communication by unintended recipients is not authorized. If you received this communication in error, please immediately notify the sender and then delete all copies of this communication from your system.

_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-le...@ietf.org