> I believe that adopting the draft will allow those who > wish to use pure PQC (for whatever reasons they may > have) to do so while at the same time not in any way > impacting anybody else who doesn't want to do that.
Those who wish to use pure PQC do not need permission. This is about IETF _endorsement_. Even with Recommended=N, I can imagine many managers reacting to a presentation on "YOU NEED TO USE PQC LIKE ML-KEM BECAUSE ELSE..." by googling "deploy ML-KEM now" and being recommended this rather than a safer hybrid[1]. I am not convinced that such a person, if given more knowledge, "doesn't want to do that". Not everyone using TLS is a cryptographer knowing the implications of their algorithm choices by heart. -- TBB [1] After all, the manager was told to deploy MLKEM, not this suspicious X25519MLKEM, whatever scam that must surely be.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
