On 05.11.25 19:51, Sean Turner via Datatracker wrote:
I do not support publication in its current state, but I do not have a strong opinion.Please review and indicate your support or objection [...]
Objections should be motivated and suggestions to resolve them are highly appreciated.
I would like the draft to address the following: * Introduction and motivation is too small: literally two sentences. That's clearly insufficient. Sure, I'm not a PQ expert but an I-D is not for experts only, isn't it? * If compliance is the motivation, it should be added in the introduction/motivation with at least one pointer to authentic reference of concrete regulation. If it is for National Security Systems (NSS), such systems might also require attestation, and hence my following comment. * The security considerations in the draft provide no details regarding potential extensions. For example, if I were to support pure PQ as well as attestation within the handshake, I am left with no guidance on what are the specifics of pure PQ that I should absolutely consider. * Has any formal analysis been done for this draft? Submitted a minor PR for typos [0] -Usama [0] https://github.com/tlswg/draft-ietf-tls-mlkem/pull/8
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
