Dear all,
I do not think that the TLS WG should publish a non-hybrid signature proposal
at this point. We should instead put support and effort behind hybrid drafts.
I agree that these systems should not be recommended at this point, which is in
line with the IANA considerations, however I'm concerned that the mere
existence of an RFC will be seen as an endorsement by the IETF and lead to
deployment of ML-DSA without extra ECC protection, which is a security issue.
I thus oppose publication of draft-ietf-tls-mldsa.
All the best
Tanja
On Wed, Apr 22, 2026 at 10:41:31AM -0400, Sean Turner wrote:
> Reminder that this WGLC ends tomorrow.
>
> spt
>
> > On Apr 15, 2026, at 15:07, Sean Turner <[email protected]> wrote:
> >
> > Reminder that this WGLC is still ongoing.
> >
> > spt
> >
> >> On Apr 9, 2026, at 15:30, Sean Turner <[email protected]> wrote:
> >>
> >> This is the working group last call for Use of ML-DSA in TLS 1.3. Please
> >> review draft-ietf-tls-mldsa [1] and reply to this thread indicating if you
> >> think it is ready for publication or not. If you do not think it is ready
> >> please indicate why. This call will end on April 23, 2026.
> >>
> >> REMINDER: If you have not done so recently, review the TLS WG's Mail List
> >> Procedures; see [2].
> >>
> >> The Chairs,
> >> Deirdre, Joe, and Sean
> >>
> >> [1] https://datatracker.ietf.org/doc/draft-ietf-tls-mldsa/
> >> [2] https://mailarchive.ietf.org/arch/msg/tls/ucdImHExlbOf4Q3BCG81gjzi2xE/
> >
>
> _______________________________________________
> TLS mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]
