Could you elaborate on the reasons behind this position? Understanding the specific objections would help us address them in the draft or in the WG discussion.
-Tiru On Tue, 14 Apr 2026 at 04:33, David Adrian <[email protected]> wrote: > I am perfectly fine defining composite certificates however, I will go > further than other David and say that Chrome cannot, should not, must not, > and will not implement composite certificates in TLS. > > On Mon, Apr 13, 2026 at 3:51 PM Filippo Valsorda <[email protected]> > wrote: > >> We have no plans to implement composite certificates either. >> >> 2026-04-14 00:20 GMT+02:00 Watson Ladd <[email protected]>: >> >> I do not think composite certs make sense for TLS. >> >> On Mon, Apr 13, 2026 at 12:33 PM David Benjamin <[email protected]> >> wrote: >> > >> > On Mon, Apr 13, 2026 at 10:51 AM Viktor Dukhovni < >> [email protected]> wrote: >> >> >> >> On Mon, Apr 13, 2026 at 04:30:34PM +0000, Andrei Popov wrote: >> >> >> >> > Just to weigh in on this: I would support adoption of >> >> > draft-reddy-tls-composite-mldsa. There is customer demand for >> >> > composite certs, and I would like to get these implemented in the >> >> > Windows TLS stack. >> >> >> >> I don't know what sort of interoperability you are expecting with >> these, >> >> I am strongly inclined to NOT implement any of the composite signature >> >> algorithms, at least not in TLS. It may be harder to fend off their >> >> adoption in CMS, but ideally sit that out as well, until we either have >> >> CRQCs and hybrids are pointless, or we don't have CRQCs and know why >> >> we're never going to have them. >> > >> > >> > We're also not planning to implement composite ML-DSA in TLS. >> > >> > David >> > _______________________________________________ >> > TLS mailing list -- [email protected] >> > To unsubscribe send an email to [email protected] >> >> >> >> -- >> Astra mortemque praestare gradatim >> >> _______________________________________________ >> TLS mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> >> >> _______________________________________________ >> TLS mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
