To be on the same page, framing the problem for clean discussion. Could you please clarify which one of the following you meant?

Outer TLS: Network layer: use pure ML-KEM
Inner TLS: Application layer: use ML-KEM + ECDHE

OR

Outer TLS: Network layer: use pure ML-KEM
Inner TLS: Application layer: use ECDHE

What I still find confusing in both cases is that if the outer TLS is long-lived, then the performance benefit of pure ML-KEM (vs. ML-KEM + ECDHE) should not be a valid argument. That is, even if I accept that the performance impact of ECDHE is significant, it is just a one-time bootstrapping cost for a connection that will last for the long term. What am I missing?
Best, -Usama
