On Mon, Oct 20, 2025 at 7:39 AM John Mattsson <john.mattsson= [email protected]> wrote:
> *Sophie Schmieg **wrote:* > >”with no opinion on the recommendation flag, other than a hope that we > don't get distracted by it for too long.” > > >”Well, technically my opinion is that X25519MLKEM768 should be > recommended” > > +1 > > (While I don’t have any personal use of SecP256r1MLKEM768 and > SecP384r1MLKEM1024, I think they are strictly better than SecP256r1 and > SecP384r1which are both Recommended=Y and SecP256r1 even being MTI. Let’s > publish and argue about changes later…) > > > *EKR wrote:*>It's purely about whether we think it's reasonable to implement. > > This is the current meaning. RFC8447bis will change the meaning to: > > “This only means that the associated mechanism is fit for the purpose for > which it was defined.” > > Right. Is it not the opinion of the TLS WG that P256/P-384 + MLKEM are fit for that purpose? If not, on what basis, given that we require you to implement P-256 alone? -Ekr > Cheers, > John > > > > *From: *Sophie Schmieg <[email protected]> > *Date: *Tuesday, 14 October 2025 at 22:31 > *To: *Kris Kwiatkowski <[email protected]> > *Cc: *[email protected] <[email protected]> > *Subject: *[TLS] Re: Working Group Last Call for Post-quantum Hybrid > ECDHE-MLKEM Key Agreement for TLSv1.3 > > I support publishing this draft, with no opinion on the recommendation > flag, other than a hope that we don't get distracted by it for too long. > > > > Well, technically my opinion is that X25519MLKEM768 should be recommended, > but I also think that neither this flag nor the MTI flag have any meaning > in the first place, due to the lack of an RFC police, so I am entirely > indifferent on the value it is given. > > > > On Tue, Oct 14, 2025 at 12:14 PM Kris Kwiatkowski <kris= > [email protected]> wrote: > > Dear Dan, > > Vulnerability scans show again and again that these > > devices are normally out of date (and it's also well understood why) > > This point is particulary interesting. Can you provide a reference to > those vulnerability scans? > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] > > > > > -- > > > Sophie Schmieg | Information Security Engineer | ISE Crypto | > [email protected] > > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
