On Wed, Apr 16, 2025 at 10:57 AM Loganaden Velvindron <logana...@gmail.com> wrote:
> On Wed, 16 Apr 2025 at 20:38, <internet-dra...@ietf.org> wrote: > > > > Internet-Draft draft-ietf-tls-mlkem-00.txt is now available. It is a > work item > > of the Transport Layer Security (TLS) WG of the IETF. > > > > Title: ML-KEM Post-Quantum Key Agreement for TLS 1.3 > > Author: Deirdre Connolly > > Name: draft-ietf-tls-mlkem-00.txt > > Pages: 11 > > Dates: 2025-04-16 > > > > Abstract: > > > > This memo defines ML-KEM-512, ML-KEM-768, and ML-KEM-1024 as a > > standalone NamedGroups for use in TLS 1.3 to achieve post-quantum key > > agreement. > > > > The IETF datatracker status page for this Internet-Draft is: > > https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem/ > > > > There is also an HTML version available at: > > https://www.ietf.org/archive/id/draft-ietf-tls-mlkem-00.html > > > > Internet-Drafts are also available by rsync at: > > rsync.ietf.org::internet-drafts > > > > > > Will the authors consider a section 6.4 on risks involved with > lattice-based structures ? > I like what Simon Josefsson used in one of his drafts: > "new research findings may be published at any time that may warrant > implementation reconsiderations". > This seems like it would apply to basically every RFC specifying a security protocol, so I'm not really in favor of that. I wouldn't be opposed to some lattice-specific thing if the WG (or more likely, CFRG) thought that was appropriate. -Ekr > _______________________________________________ > TLS mailing list -- tls@ietf.org > To unsubscribe send an email to tls-le...@ietf.org >
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
