On Tue, 1 Apr 2025 at 19:30, David Adrian <davad...@umich.edu> wrote: > > I support adoption of this document. > > - I suspect we will eventually need pure ML-KEM-1024 in browsers. What's the time frame ?
> - I find the argument that we must use hybrids extremely non-compelling. > Lattice cryptography is "boring" crypto at this point, and I find it to be > cognitive dissonance to simultaneously argue that the quantum threat requires > immediate work, and yet we are also somehow uncertain of if the algorithms > are totally broken. Both cannot be true at the same time. > - The NIST competition was international, and Kyber was developed by an > international team. I struggle to understand how adopting this document would > somehow be "favoritism". > > -dadrian > > > > On Tue, Apr 1, 2025 at 11:11 AM Thom Wiggers <t...@thomwiggers.nl> wrote: >> >> I support adoption of this document. >> >> Cheers, >> >> Thom >> PQ-enthousiast >> >> Op di 1 apr 2025 om 14:59 schreef Sean Turner <s...@sn3rd.com>: >>> >>> We are continuing with our pre-announced tranche of WG adoption calls; see >>> [0] for more information. This time we are issuing a WG adoption call for >>> the ML-KEM Post-Quantum Key Agreement for TLS 1.3 I-D [1]. If you support >>> adoption and are willing to review and contribute text, please send a >>> message to the list. If you do not support adoption of this draft, please >>> send a message to the list and indicate why. This call will close at 2359 >>> UTC on 15 April 2025. >>> >>> In response to other WG adoption calls, Dan Bernstein pointed out some >>> potential IPR (see [2]), but no IPR disclosure has been made in accordance >>> with BCP 79. Additional information is provided here; see [3]. >>> >>> BCP 79 makes this important point: >>> >>> (b) The IETF, following normal processes, can decide to use >>> technology for which IPR disclosures have been made if it decides >>> that such a use is warranted. >>> >>> WG members can take this information into account during this adoption call >>> to determine if we should adopt these drafts. >>> >>> Reminder: This call for adoption has nothing to do with picking the >>> mandatory-to-implement cipher suites in TLS. >>> >>> Cheers, >>> Joe and Sean >>> >>> [0] https://mailarchive.ietf.org/arch/msg/tls/KMOTm_lE5OIAKG8_chDlRKuav7c/ >>> [1] https://datatracker.ietf.org/doc/draft-connolly-tls-mlkem-key-agreement/ >>> [2] https://mailarchive.ietf.org/arch/msg/tls/mt4_p95NZv8duZIJvJPdZV90-ZU/ >>> [3] https://mailarchive.ietf.org/arch/msg/spasm/GKFhHfBeCgf8hQQvhUcyOJ6M-kI/ >>> >>> _______________________________________________ >>> TLS mailing list -- tls@ietf.org >>> To unsubscribe send an email to tls-le...@ietf.org >> >> _______________________________________________ >> TLS mailing list -- tls@ietf.org >> To unsubscribe send an email to tls-le...@ietf.org > > _______________________________________________ > TLS mailing list -- tls@ietf.org > To unsubscribe send an email to tls-le...@ietf.org _______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
