If that draft is useful, it probably belongs in the UTA working group, not TLS.
I would express the guidance this way: Use a hybrid that combines PQ and “classic” algorithms, so that if one is broken you’re still safe. If you are required to use only PQ, so be it.
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
