[TLS] Weekly github digest (TLS Working Group Drafts)

2024-09-08 Thread Repository Activity Summary Bot
Issues -- * tlswg/draft-ietf-tls-esni (+1/-0/💬1) 1 issues created: - Proxy Mode (by taoso) https://github.com/tlswg/draft-ietf-tls-esni/issues/626 1 issues received 1 new comments: - #626 Proxy Mode (1 by richsalz) https://github.com/tlswg/draft-ietf-tls-esni/issues/626 R

[TLS] Re: [TLS]Re: [EXTERNAL] Consensus Call: -rfc8446bis PRs #1360

2024-09-08 Thread D. J. Bernstein
Eric Rescorla writes: > I do not think we need to make Curve25519 MTI. The purpose of MTIs is to > provide a minimum baseline for interoperability, and we have that already > with the existing MTI. That's entirely compatible with most people > preferring X25519 because they believe it's better than

[TLS] Re: [TLS]Re: [EXTERNAL] Consensus Call: -rfc8446bis PRs #1360

2024-09-08 Thread John Mattsson
Hi, D. J. Bernstein wrote: > recent breaks of "5G Subscription Concealed Identifiers" The paper broke a hobby implementation of 5G which in addition to ignoring the mandatory point validation also ignored the mandatory point compression. The implementation is not used in any 5G network and woul

[TLS] Re: [TLS]Re: [EXTERNAL] Consensus Call: -rfc8446bis PRs #1360

2024-09-08 Thread Watson Ladd
On Sun, Sep 8, 2024, 9:41 AM John Mattsson wrote: > Hi, > > > D. J. Bernstein wrote: > > > recent breaks of "5G Subscription Concealed Identifiers" > > > > The paper broke a hobby implementation of 5G which in addition to > ignoring the mandatory point validation also ignored the mandatory point

[TLS] Re: draft-kwiatkowski-tls-ecdhe-mlkem and P-384

2024-09-08 Thread kris
Hello, I'm sorry, possibly I've missed some emails. If there is an interest I propose we add it to the existing draft, publish version -03 and request a code point. The repo is here: https://github.com/post-quantum-cryptography/draft-kwiatkowski-tls-ecdhe-mlkem Feel free to open a PR. Cheers, Kris __

[TLS] Re: [EXT] Re: draft-kwiatkowski-tls-ecdhe-mlkem and P-384

2024-09-08 Thread Blumenthal, Uri - 0553 - MITLL
If we do hybrid at all - it makes perfect sense then to specify ECDHE over P-384 and ML-KEM-1024. Thx—Regards, Uri Secure Resilient Systems and Technologies MIT Lincoln Laboratory On Sep 8, 2024, at 20:06, kris wrote: Hello, I'm sorry, possibly I've missed some emails. If there is an interest I prop

[TLS] Re: [TLS]Re: [EXTERNAL] Consensus Call: -rfc8446bis PRs #1360

2024-09-08 Thread D. J. Bernstein
John Mattsson writes: > ignoring the mandatory point validation Exactly! That's how the real world works. The NSA/NIST approach fills ECDH and signatures with traps for the implementors; implementors fall into the traps; the NSA/NIST responses sound like "This security failure is _your_ fault! Rea