[TLS] Re: Working group adoption call for draft-westerbaan-tls-keyshare-recommendations-02

Thu, 30 Apr 2026 17:47:46 -0700 

Hi Kris,

On 01.05.26 00:39, Kris Kwiatkowski wrote:


I have read draft-westerbaan-tls-keyshare-recommendations-02
and I support its adoption as a working group item.

Thank you for the support and sharing recommendations on PRs.

* Regarding setting RECOMMENDED=Y for SecP256r1MLKEM768 and SecP384r1MLKEM1024,
   I don't find this necessary. These were included to serve niche applications.
   I believe they should remain at RECOMMENDED=N unless a clear justification
   for changing the flag is presented.



My understanding from [0] is that 'limited applicability' can still be 
recommended but with applicability statements, which admittedly is 
missing in the PR. I'll propose an update to the PR in the next days 
with applicability statement and justification for WG review.



* Regarding setting the classical key exchange groups to RECOMMENDED=N: I don't
   support doing so at this stage. In my view, X25519MLKEM768 should first be
   established as MTI before we consider deprecating the traditional ECDHE
   groups. It would be a great outcome if this draft could serve as a vehicle
   to drive X25519MLKEM768 towards MTI status.
   Deprecation of MTI schemes to RECOMMENDED=N sends conflicting signal.


These are good points and I agree with all your points.


Based on this, I assume your 'thumbs up' on PR#2 was by accident, 
because I previously thought you are in support of merging that PR. If 
possible, please change it to 'thumbs down.' 😉



Regarding driving towards MTI: if you are specifically advising 
inclusion of some text, you are welcome to submit a PR, or please give 
some idea of what kind of text you would like to see. Thank you.



Personally, I don't mind whether RECOMMENDED=Y is set by this draft or by
draft-ietf-tls-ecdhe-mlkem, but I think that discussion was largely settled
last year.



I agree with you. I expect that's why Bas did all this effort -- I was 
just either approving or blocking his PRs 🙂


Best regards,

-Usama

[0] https://www.rfc-editor.org/rfc/rfc9847#section-3




Attachment:
smime.p7s

Description: S/MIME Cryptographic Signature


_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]























					Reply via email to