I support adoption. Understandably the document tries to be helpful listing the various ways PQ can be configured, how PQ is different; what can go wrong; etc. This also gives the consumer of the document a lot to read and a lot of choices to make. I think it would be better if the document first focuses on what makes good defaults, and what to do when the default is not good enough.
Let me give a concrete example of a failure we should ponder. Today, many users care about secure configuration. Say, we have an nginx user that's worried about the default SSLLabs rating. They Google how to configure NGINX better, and fine [1], which (among many other lines of gibberish for that users) sets the curve list to P-384. With the release of 3.5.0 OpenSSL enables X25519MLKEM768 by default, unless curves are specified manually. This means that this proactive user doesn't get PQ, whereas a less caring user does get PQ. Best, Bas [1] https://ourcodeworld.com/articles/read/2088/how-to-configure-nginx-to-get-an-a-plus-ssl-labs-rating-using-lets-encrypt-certificates On Mon, Sep 1, 2025 at 7:21 AM tirumal reddy <[email protected]> wrote: > Hi Bas, > > Please review the draft > https://datatracker.ietf.org/doc/draft-reddy-uta-pqc-app/ and consider > responding to the WG adoption call. > > Cheers, > -Tiru > > ---------- Forwarded message --------- > From: Alan DeKok <[email protected]> > Date: Thu, 28 Aug 2025 at 17:57 > Subject: [Uta] Call for adoption of draft-reddy-uta-pqc-app > To: <[email protected]> > > > Hi, this is a two week adoption call for draft-reddy-uta-pqc-app. The > call for adoption will end on September 12. > > Please indicate either support or objections to the list. > > https://datatracker.ietf.org/doc/draft-reddy-uta-pqc-app/ > _______________________________________________ > Uta mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ Uta mailing list -- [email protected] To unsubscribe send an email to [email protected]
