I have read draft-westerbaan-tls-keyshare-recommendations-02
and I support its adoption as a working group item.
* Regarding setting RECOMMENDED=Y for SecP256r1MLKEM768 and SecP384r1MLKEM1024,
I don't find this necessary. These were included to serve niche applications.
I believe they should remain at RECOMMENDED=N unless a clear justification
for changing the flag is presented.
* Regarding setting the classical key exchange groups to RECOMMENDED=N: I don't
support doing so at this stage. In my view, X25519MLKEM768 should first be
established as MTI before we consider deprecating the traditional ECDHE
groups. It would be a great outcome if this draft could serve as a vehicle
to drive X25519MLKEM768 towards MTI status.
Deprecation of MTI schemes to RECOMMENDED=N sends conflicting signal.
Personally, I don't mind whether RECOMMENDED=Y is set by this draft or by
draft-ietf-tls-ecdhe-mlkem, but I think that discussion was largely settled
last year.
Cheers,
Kris
On 28/04/2026 21:46, Joseph Salowey wrote:
This is a working group adoption call for
draft-westerbaan-tls-keyshare-recommendations-02 that we noted in [1].
The purpose of this draft is solely to mark X25519MLKEM768 as
recommended "Y" in the registry. This draft represents what the
authors think is an acceptable compromise combining two drafts:
draft-westerbaan-tls-keyshare-recommendations-00 and
draft-usama-tls-ecdhe-mlkem-update-00. The notable differences in the
latest draft are:
1. The draft does not deprecate the traditional ECDHE groups
2. The draft only marks X25519MLKEM768 as "Y" and the other hybrid
ECDHE groups remain "N"
These differences can be addressed in future documents if necessary
Please respond to this thread if you approve of adopting this draft as
a working group item. If you do not approve of adopting this work,
please explain why. This call will close on May 11, 2026.
The chairs are not sending this draft to the FATT for review because
it only updates an IANA registry for an algorithm defined in another
draft.
REMINDER 1: If you have not done so recently, review the TLS WG's Mail
List Procedures; see [2].
REMINDER 2: As noted in [1], we plan to WGLC this draft soon after
successful adoption on a working group document incorporating any
changes identified in the adoption process.
Thanks,
Joe, Deirdre, Sean
[1] https://mailarchive.ietf.org/arch/msg/tls/ckzUlvxUpa38lzHEVKwBlXwQ8x0/
[2] https://mailarchive.ietf.org/arch/msg/tls/ucdImHExlbOf4Q3BCG81gjzi2xE/
_______________________________________________
TLS mailing list [email protected]
To unsubscribe send an email [email protected]
_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]
