Sorry for the late response; I was going through old emails and came across
this; I thought it warranted a response
> -Original Message-
> From: TLS On Behalf Of Ilari Liusvaara
> Sent: Saturday, April 30, 2022 5:05 AM
> To: TLS@ietf.org
> Subject: Re: [TLS] WGLC for draft-ietf-tls-hybri
On 8/9/22 4:12 PM, Eric Rescorla wrote:
n Tue, Aug 9, 2022 at 4:08 PM Benjamin Kaduk wrote:
On Tue, Aug 09, 2022 at 03:59:01PM -0700, Eric Rescorla wrote:
>
3. Are you aware of some other set of rules for certificate issuance
that require
revocation after the certificate has expir
Again, this is late, however Stephen did ask this to be discussed in the
working group, so here we go:
> -Original Message-
> From: TLS On Behalf Of Stephen Farrell
> Sent: Saturday, April 30, 2022 11:49 AM
> To: Ilari Liusvaara ; TLS@ietf.org
> Subject: Re: [TLS] WGLC for draft-ietf-tls
Why both X25519+Kyber512 and P256+Kyber512?
Note that Anything+Kyber512, in particular X25519+Kyber512, will be FIPS
certifiable after NIST standardized Kyber512.*
Best,
Bas
—
* With the tiny caveat that apparently the order of the shares does matter
atm. [insert facepalm.]
> - X25519 + Kyb
Why both X25519+Kyber512 and P256+Kyber512?
Because there are good HW implementations supporting P256, and (at least for
some people) it’s good enough?
smime.p7s
Description: S/MIME cryptographic signature
___
TLS mailing list
TLS@ietf.org
https:/
On 8/11/2022 1:54 PM, Benjamin Kaduk wrote:
On Thu, Aug 11, 2022 at 12:35:23PM -0700, Christian Huitema wrote:
Isn't the ANIMA WG working on these scenarios? If there is a formal
"enrollment" process for adding a device to a network, that process could
include setting the time, and possibly pe
Again, responding to old emails...
> -Original Message-
> From: TLS On Behalf Of Stephen Farrell
> Sent: Friday, April 29, 2022 8:25 PM
> To: TLS@ietf.org
> Subject: Re: [TLS] WGLC for draft-ietf-tls-hybrid-design
>
> - section 2: if "classic" DH were broken, and we then depend on a PQ-K
