Bas Westerbaan <bas=40cloudflare....@dmarc.ietf.org> wrote:
> The number of people that actually implement these hybrid KEMs is much
> smaller than the number of people that need to make a choice based on their
> name. How do we explain that one is called MLKEM768X25519 and the other
> SecP256r1MLKEM768?
"In hybrid key exchanges, the name reflects the
order."
This strikes me as overall much less confusing all
around than
"One is called <first><second>, the other is called
<second><first>, because we wanted to have both end in
the same string."
People choosing will do a substring match ("I want
PQC, so... ok, here's one that contains 'MLKEM', let
me enable that.").
-Jan
_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-le...@ietf.org
