I support adoption of this draft. > Op 26 feb 2025, om 20:16 heeft Christopher Wood <c...@heapingbits.net> het > volgende geschreven: > > As I understand it, the purpose of this draft is to specify an interoperable > key exchange mechanism that we can deploy. The draft already has code points > allocated to it, and they exist in the registry > <https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8>, > so I wonder: what is the point of adopting this draft when the important > work is already done? If it’s that some folks won’t implement it until > there’s an RFC number assigned to it, well, that’s pretty silly. I support > adoption if it helps this work get implemented more broadly, but I think it’s > worth asking whether or not this is a good use of an already busy working > group’s time.
I agree with Chris’s point, but as others have also echoed, third parties don’t seem to really appreciate the finer points of the levels of IETF standardizations. I recently read this in the UK NCSC’s guidance on PQC: > The NCSC strongly advises that operational systems should use protocol > implementations based on RFCs, not on Internet Drafts. https://www.ncsc.gov.uk/whitepaper/next-steps-preparing-for-post-quantum-cryptography So it seems we either have a lot of educating to do, or we can just settle for adopting a few more drafts while acknowledging that it’s slightly performative. Cheers, Thom > > Best, > Chris > >> On Feb 26, 2025, at 1:26 PM, Sean Turner <s...@sn3rd.com> wrote: >> >> At IETF 121, the WG discussed “Post-Quantum Hybrid ECDHE-MLKEM Key Agreement >> for TLSv1.3”; see [0] and [1]. We also had some discussion in an information >> gathering thread; see [2]. We would like to now determine whether there is >> support to adopt this I-D. If you support adoption and are willing to review >> and contribute text, please send a message to the list. If you do not >> support adoption of this I-D, please send a message to the list and indicate >> why. This WG adoption call will close at 2359 UTC on 12 March 2025. >> >> One special note: this adoption call has nothing to do with picking the >> mandatory-to-implement cipher suites in TLS. >> >> Thanks, >> Sean & Joe >> >> [0] Link to I-D: >> https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-mlkem/ >> [1] Link to slides: >> https://datatracker.ietf.org/meeting/121/materials/slides-121-tls-post-quantum-hybrid-ecdhe-mlkem-key-agreement-for-tlsv13-00 >> [2] Link to information gather thread: >> https://mailarchive.ietf.org/arch/msg/tls/yGZV5dBTcxHJhG-JtfaP6beTd68/ >> _______________________________________________ >> TLS mailing list -- tls@ietf.org >> To unsubscribe send an email to tls-le...@ietf.org > > _______________________________________________ > TLS mailing list -- tls@ietf.org > To unsubscribe send an email to tls-le...@ietf.org
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
