Hiya,
On 16/04/2025 00:02, Benjamin Kaduk wrote:
I can see a case being made that this draft does improve the deployability of TLS if we start with a baseline of draft-ietf-tls-ecdhe-mlkem and note that that mechanism is not deployable in some environments (I guess, ones with some kind of strict FIPS-only requirement, though I'm not conversant in the details of such an environment).
A question (not necessarily for Ben): Are there any concrete/specific environments that we know about that will need non-hybrid PQ KEMs for reasons other than national regulatory reasons? If so, I'd like to understand more about why and don't (or have forgotten:-). If not, then a) adoption of this draft really does require us to figure out what we'll do when the next country's choices are proposed, (which we've not) and b) I think does argue for pushing this to the ISE rather than adopting. Cheers, S.
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
