Deirdre Connolly writes:
> I wrote it because I wanted to use it. Enough.

Don't proposals to IETF always claim that there will be users? This is
content-free, and not a valid argument for IETF endorsement.

Back in March, the first message announcing the draft similarly didn't
give a technological rationale for the draft. I promptly raised security
objections; those weren't answered.

There was, however, more information after Eric Rescorla asked what the
motivation was for the draft. Specifically, your answer claimed that
this is what NSA wants:

> In the more concrete scope, FIPS / CNSA 2.0 compliance guidelines
> <https://media.defense.gov/2022/Sep/07/2003071834/-1/-1/0/CSA_CNSA_2.0_ALGORITHMS_.PDF>
> currently are a big 'maybe' at best for 'hybrid solutions', and the
> timetables for compliant browsers, servers, and services are to exclusively
> use FIPS 203 at level V (ML-KEM-1024) by 2033. I figure there will be
> demand for pure ML-KEM key agreement, not hybrid (with no questions that
> come along with it of whether it's actually allowed or not).

How does this NSA-dominated statement of the document's rationale match
the new statement "I wrote it because I wanted to use it"? I'm puzzled.

This rationale was preceded by a few lines objecting to hybrids "in the
long-term". That obviously isn't a rationale for a current draft.

---D. J. Bernstein

_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-le...@ietf.org
