I support adoption.
I don't think we having a (non-recommended!) scheme available that does not
support hybrids is a problem, there are legitimate reasons to want that
kind of key exchange, and as time progresses, non-hybrid key exchanges will
become more and more commonplace, so why not have it a
Reviewer: R. Gieben
Review result: Ready
Hello,
I'm the designated reviewer from dnsdir for this draft. I've reviewed -23 and
looked at the diff with -24. My previous comments/nits are fixed in version
-24, thus ready from that perspective.
Regards,
Miek
___
The IANA codepoints allocated in the current draft are all 'Recommended: N'
On Tue, Apr 1, 2025, 8:59 PM Martin Thomson wrote:
> Like other pure ML-KEM uses, I am OK with adoption, though I might oppose
> Recommended: Y when it comes to that. I also share John's concerns about
> key reuse, but
Sean Turner wrote:
> We are continuing with our pre-announced tranche of
> WG adoption calls; see [0] for more information.
> This time we are issuing a WG adoption call for the
> ML-KEM Post-Quantum Key Agreement for TLS 1.3 I-D
> [1]. If you support adoption and are willing to
> review and contr
> rather than a safer hybrid
As a coauthor on hybrid publications and I-Ds, I do not agree that hybrids
are categorically safer. The -tls-hybrid-design for hybrids is pretty
great... if you use secure component algorithms.
On Wed, Apr 2, 2025, 12:24 PM Bellebaum, Thomas <
thomas.belleb...@aisec.f
> I believe that adopting the draft will allow those who
> wish to use pure PQC (for whatever reasons they may
> have) to do so while at the same time not in any way
> impacting anybody else who doesn't want to do that.
Those who wish to use pure PQC do not need permission. This is about IET
I support adoption.
I also would like to prohibit key reuse, but opposing adoption feels like a bad
way to reach that outcome: if the document is published by the ISE or just
lives on as a widely deployed draft, the WG will have no say in what
requirements it has.
It also seems clear to me the
2025-04-02 17:39 GMT+02:00 Salz, Rich :
> Opposing adoption to force the document to be published in a way that can't
> be "Recommended: Y" feels like (unnecessarily) meta-gaming the IETF process.
>
> I am not aware of any of those opposed who are doing it for this reason.
> Perhaps speculating
> I believe that adopting the draft will allow those who
> wish to use pure PQC (for whatever reasons they may
> have) to do so while at the same time not in any way
> impacting anybody else who doesn't want to do that.
Those who wish to use pure PQC do not need permission. This is about IETF
I support adoption of pure PQC KEMs drafts with Intended status: Informational
(meaning that the IETF is not recommending using).
Any IPR that can be asserted against Kyber can be asserted against already
adopted hybrid methods incorporating Kyber.
If anything, one may attempt to argue that hybri
10 matches
Mail list logo
