Sophie Schmieg wrote: >”with no opinion on the recommendation flag, other than a hope that we don't >get distracted by it for too long.” >”Well, technically my opinion is that X25519MLKEM768 should be recommended”
+1 (While I don’t have any personal use of SecP256r1MLKEM768 and SecP384r1MLKEM1024, I think they are strictly better than SecP256r1 and SecP384r1which are both Recommended=Y and SecP256r1 even being MTI. Let’s publish and argue about changes later…) EKR wrote: >It's purely about whether we think it's reasonable to implement. This is the current meaning. RFC8447bis will change the meaning to: “This only means that the associated mechanism is fit for the purpose for which it was defined.” Cheers, John From: Sophie Schmieg <[email protected]> Date: Tuesday, 14 October 2025 at 22:31 To: Kris Kwiatkowski <[email protected]> Cc: [email protected] <[email protected]> Subject: [TLS] Re: Working Group Last Call for Post-quantum Hybrid ECDHE-MLKEM Key Agreement for TLSv1.3 I support publishing this draft, with no opinion on the recommendation flag, other than a hope that we don't get distracted by it for too long. Well, technically my opinion is that X25519MLKEM768 should be recommended, but I also think that neither this flag nor the MTI flag have any meaning in the first place, due to the lack of an RFC police, so I am entirely indifferent on the value it is given. On Tue, Oct 14, 2025 at 12:14 PM Kris Kwiatkowski <[email protected]<mailto:[email protected]>> wrote: Dear Dan, Vulnerability scans show again and again that these devices are normally out of date (and it's also well understood why) This point is particulary interesting. Can you provide a reference to those vulnerability scans? _______________________________________________ TLS mailing list -- [email protected]<mailto:[email protected]> To unsubscribe send an email to [email protected]<mailto:[email protected]> -- Sophie Schmieg | Information Security Engineer | ISE Crypto | [email protected]<mailto:[email protected]>
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
