Thanks to Scott and ekr for their reviews so far, I've pushed version 02 to address basically all points they brought up:
https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem/02/ v01-v02 diff: https://github.com/tlswg/draft-ietf-tls-mlkem/compare/draft-ietf-tls-mlkem-01...draft-ietf-tls-mlkem-02 v00-v02 diff: https://github.com/tlswg/draft-ietf-tls-mlkem/compare/draft-ietf-tls-mlkem-00...draft-ietf-tls-mlkem-02 I left in a mention of the possibility of failure but paired it down to 'clients can retry is a failure is encountered': https://github.com/tlswg/draft-ietf-tls-mlkem/commit/59659f54e6121d68bdaee3ddf19cac36cb82ae58 On Tue, Jul 22, 2025 at 3:15 PM <[email protected]> wrote: > Internet-Draft draft-ietf-tls-mlkem-02.txt is now available. It is a work > item > of the Transport Layer Security (TLS) WG of the IETF. > > Title: ML-KEM Post-Quantum Key Agreement for TLS 1.3 > Author: Deirdre Connolly > Name: draft-ietf-tls-mlkem-02.txt > Pages: 10 > Dates: 2025-07-22 > > Abstract: > > This memo defines ML-KEM-512, ML-KEM-768, and ML-KEM-1024 as a > standalone NamedGroups for use in TLS 1.3 to achieve post-quantum key > agreement. > > The IETF datatracker status page for this Internet-Draft is: > https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem/ > > There is also an HTML version available at: > https://www.ietf.org/archive/id/draft-ietf-tls-mlkem-02.html > > A diff from the previous version is available at: > https://author-tools.ietf.org/iddiff?url2=draft-ietf-tls-mlkem-02 > > Internet-Drafts are also available by rsync at: > rsync.ietf.org::internet-drafts > > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
