It added support for draft-ietf-lamps-x509-slhdsa, not for this.

Peter

From: Filippo Valsorda <[email protected]>
Sent: 19 August 2025 17:34
To: John Mattsson <[email protected]>
Cc: TLS List <[email protected]>
Subject: [TLS] Re: Second WG Adoption Call for Use of SLH-DSA in TLS 1.3

2025-08-19 17:34 GMT+02:00 John Mattsson <[email protected]>:

To my understanding, OpenSSL 3.5 LTS already uses the unregistered numbers in the draft.

I also had that impression, but Viktor corrected me in another thread. See excerpt below.

2025-05-19 13:53 GMT+02:00 Viktor Dukhovni <[email protected]>:

On Mon, May 19, 2025 at 01:29:40PM +0200, Filippo Valsorda wrote:

> 2025-05-19 12:41 GMT+02:00 John Mattsson
> <[email protected]>:
> > OpenSSL 3.5 has already shipped with the Values 0x0911 - 0x91C that
> > are in the draft.
>
> Frankly, this is a bit irritating, especially given the precedent of
> seed encodings, where we all got saddled with a fractal encoding to
> appease the "legacy" of a handful of early adopters. Now OpenSSL ships
> a production feature in a LTS version with 12 commandeered
> unregistered codepoints from the public range.

Ok. OpenSSL 3.5 DOES NOT have TLS codepoints for SLH-DSA. I don't know where John Mattsson got that impression. The only PQ signature TLS codepoints in OpenSSL 3.5 are:

https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-signaturescheme

0x0904 mldsa44 N [draft-tls-westerbaan-mldsa-00]
0x0905 mldsa65 N [draft-tls-westerbaan-mldsa-00]
0x0906 mldsa87 N [draft-tls-westerbaan-mldsa-00]
