Usama, > In my understanding, at least 21 member states of the EU need hybrids.
Interesting. As part of some CRA-related work, I'd been trying to compile a list of national-level requirements for PQ migration so that I could compare them to the EU-wide roadmap. Do you have a reference for this? Or even just a list of which 21 have their own requirements? Thanks, Peter From: Muhammad Usama Sardar <[email protected]> Sent: 30 April 2026 09:33 To: Stephen Farrell <[email protected]>; [email protected] Subject: [TLS] Re: anyone interested in multiple CertificateVerify messages? Hi Stephen, On 30.04.26 01:25, Stephen Farrell wrote: I wonder if anyone has explored whether it'd be useful to look at defining a way in which a server (or, I guess, a client) could authenticate using more than one CertificateVerify message? Yes, please see Sec. 9.1.2 of [0]. The detailed design and formal analysis of this is in a paper that we submit next week. Happy to share that off-list if you are interested. As Ekr pointed out, [1] is a good start. I believe authors have done good work. If you (and others) find out that it is potentially useful direction, please attest to it in the thread [2] to move this work forward. In my understanding, at least 21 member states of the EU need hybrids. We have to do something for them. So I read "way too complicated" mentioned in the thread as "let's get started with some serious work rather than doing hacks like standalone ML-DSA." Thank you. Sincerely, -Usama [0] https://www.researchgate.net/publication/398839141_Identity_Crisis_in_Confidential_Computing_Formal_Analysis_of_Attested_TLS [1] https://datatracker.ietf.org/doc/draft-yusef-tls-pqt-dual-certs/ [2] https://mailarchive.ietf.org/arch/msg/tls/ZRuadgaS5z_LM25YSA6qIOF2VbU/
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
