Note that this is discussing the key agreement to begin with, so it would be ML-KEM in any case. And again, I have no strong preference on any of the flags, MTI is imho meaningless (there is no such thing as mandatory to implement, since no enforcement arm of IETF exists, thankfully, so implementers can just not implement something if they don't want to), and the RECOMMENDED flag is similarly undefined, as has been argued back and forth on the list. Let's just ship it, please :)
On Mon, Oct 20, 2025 at 10:14 AM Alicja Kario <hkario= [email protected]> wrote: > On Monday, 20 October 2025 17:57:33 CEST, Simon Josefsson wrote: > > Alicja Kario <[email protected]> writes: > > > >> If that classical part was good enough to be MTI and stay as > >> Recommended now, it should be good enough to be part of the hybrids > >> too. > > > > I disagree with that, if you imply that the P256 hybrid should be MTI. > > > > So if old DSA was still MTI we have to make DSA + ML-DSA MTI too? > > We're not discussing if any of the hybrids should be mandatory to > implement. > And what is the purpose of discussing alternative timelines where DSA is > dominant? > > > I think we should make decisions about P256+MLDSA based on today's > > knowledge about P256 and MLDSA (and the combiner) rather than having > > necessarily make decisions that use earlier decisions on P256 as a least > > common denominator (i.e., MTI). > > And what did fundamentally change since the P-256 was marked as MTI and > both it and secp384r1 curve were marked as Recommended? > -- > Regards, > Alicja Kario > Principal Quality Engineer, RHEL Crypto team > Web: www.cz.redhat.com > Red Hat Czech s.r.o., Purkyňova 115, 612 00, Brno, Czech Republic > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] > -- Sophie Schmieg | Information Security Engineer | ISE Crypto | [email protected]
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
