Hi Russ, On 06.04.26 19:02, Russ Housley wrote:
Soliciting an LS to "do the trick" for showing consensus does not address the technical concerns of two dozen people who have opposed publication in the WGLC. Given that*there is no public evidence of IEEE 802.11bt having consensus on using pure ML-KEM in TLS protocol*, isn't it fair to ask for technical rationale?This response ignores a lot of context that has already been shared in this thread. I am responding so that people that have not been following closely do not this your red text is correct.IEEE 802.11bt is an approved project to add PQC to 802.11 wireless network standards, which already make use of EAP-TLS. The Project Authorization Request (PAR) explicitly mentions ML-DSA, ML-KEM and SLH-DSA as examples of PQC algorithms. The TLS WG has adopted draft-ietf-tls-mldsa, draft-ietf-tls-mlkem, and other algorithm-related I-Ds, which indicates to the rest of the world that PQC algorithm documents are in the works. On the IETF/IEEE 802 coordination call prior to IETF 125, the was a heads up that the WGLC for draft-ietf-tls-mlkem was underway, but it might not achieve rough consensus. The IEEE 802.11 WG sent a LS to indicate their desire foe the document. Sending that LS required a formal vote, so your statement is absolutely incorrect.You can find the approved Project Authorization Request (PAR) for 802.11bt here: https://mentor.ieee.org/802.11/dcn/25/11-25-0958-00-0PQC-draft-p802-11bt-par.pdf
Thanks for the pointer. In my reading, this PDF only establishes their transition to PQC, which could very much be hybrids. At best, it seems to just have a quick mention of FIPS 203 in "Additional Explanatory Notes" and that could be used in hybrid fashion in TLS, no? Am I missing something?
Regarding consensus: While the vote to send the LS confirms IEEE’s interest in the progress of the draft, does that vote specifically endorse an exclusive non-hybrid implementation in TLS? If there is a record (e.g., meeting recording, email thread) of technical rationale within 802.11 for preferring pure ML-KEM over hybrid, that would be very helpful for the WG to see, and maybe use in the draft for motivation.
Thanks. Best regards, -Usama
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
