Hiya,
Just to clarify my position a little, based on what some others have said: I'd prefer this not be published at all for a few years at least. I'd also prefer we develop a security area BCP that covers the hybrid vs. pure KEMs topic and make that a normative reference for all RFCs documenting pure PQ KEMs. Much worse than either of the above would be to add specific text to this document saying we prefer hybrids. But at the very least that has to be done. If that's done soon and there's another WGLC for this document, I'll still oppose publication on the basis of the 1st two reasons above. Cheers, S. On 05/11/2025 19:00, Stephen Farrell wrote:
I re-read the document. It has zero commentary on the issues about hybrids vs. pure PQ. It may be hard to reach rough consensus on what to say about that, but it is a topic where people have significantly different opinions, so I think we ought say something, for example, along the lines of, "At the time of writing a significant number of knowledgeable people consider it better to deploy hybrid KEMS, while some do dispute that. Opinions may change over time." I'd be happy but surprised if the WG had consensus to add such text, but we should. Absent that, I think producing an RFC based on this draft provides a misleading signal to the community. Also - what happened to the adopt-but-park plan? Did that get lost in the fog of appeals? Cheers, S. On 05/11/2025 18:51, Sean Turner via Datatracker wrote:Subject: WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2025-11-26) This message starts a 3-week WG Last Call for this document. Abstract: This memo defines ML-KEM-512, ML-KEM-768, and ML-KEM-1024 as NamedGroups and and registers IANA values in the TLS Supported Groups registry for use in TLS 1.3 to achieve post-quantum (PQ) key establishment. File can be retrieved from: https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem/ Please review and indicate your support or objection to proceed with thepublication of this document by replying to this email keeping [email protected] in copy. Objections should be motivated and suggestions to resolve them arehighly appreciated. Authors, and WG participants in general, are reminded again of theIntellectual Property Rights (IPR) disclosure obligations described in BCP 79[1]. Appropriate IPR disclosures required for full conformance with theprovisions of BCP 78 [1] and BCP 79 [2] must be filed, if you are aware of any. Sanctions available for application to violators of IETF IPR Policy canbe found at [3]. Thank you. [1] https://datatracker.ietf.org/doc/bcp78/ [2] https://datatracker.ietf.org/doc/bcp79/ [3] https://datatracker.ietf.org/doc/rfc6701/ _______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
