Peter Gutmann writes:
> A bit off-topic
Actually, the main content is directly regarding TLS; see below.
> I'd sort of skimmed this bit initially but then it hit me:
> *forty pages* of appeals in a few weeks?
He's talking about the following two appeals that I filed. The first,
accounting for most of the pages, is a 32-page appeal regarding the TLS
WG chairs declaring "consensus" to adopt weakened crypto, specifically
non-hybrid ML-KEM in TLS, which is a weakening of hybrid ML-KEM in TLS:
https://cr.yp.to/2025/20250812-non-hybrid.pdf
The length of the appeal is explained by the complicated background and
by many different problems with what happened here. For example, you
might recall Cisco saying on-list that they're promoting this in pursuit
of NSA funds ("There are people whose cryptographic expertise I cannot
doubt who say that pure ML-KEM is the right trade-off for them, and more
importantly for my employer, thatâs what they're willing to buy. Hence,
Cisco will implement it").
The other appeal, 10 pages, is
https://cr.yp.to/2025/20250827-modpod.pdf
where the context is new IETF-wide censorship procedures that are in
last call (deadline 11 September); see
https://web.archive.org/web/20250906091049/https://mailarchive.ietf.org/arch/msg/ietf/QmkEQ9YTA6WCu2H22v9fobx22GE/
for a shorter introduction that I've just posted. If adopted, those
procedures will apply to _all_ WGs, including TLS. The TLS AD has
pointed to TLS events (without links, but it's possible to figure out
what he's talking about) as an example of why he supports the new
procedures. If you're interested in this topic, I suggest that you
review the MODPOD draft and speak up on the MODPOD WG list (mod-discuss)
before the 11th.
You might assume that "working on responding along with the rest of the
IESG to 40 pages of other IESG appeals" is a lot of work, given the
basic rule of responding to each point in an appeal. However, IETF
doesn't have that rule: on the contrary, there are previous examples of
IESG and IAB receiving long appeals and giving only brief responses.
---D. J. Bernstein
_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]
