> Are we even discussing changing TLS 1.3 MTI at this point, for either hybrid or pure PQC?
No; changes to MTI require changes to RFC 8446 On Thu, Apr 17, 2025, 2:36 PM Andrei Popov <Andrei.Popov= 40microsoft....@dmarc.ietf.org> wrote: > Are we even discussing changing TLS 1.3 MTI at this point, for either > hybrid or pure PQC? > > Cheers, > > Andrei > > -----Original Message----- > From: Nico Williams <n...@cryptonector.com> > Sent: Thursday, April 17, 2025 11:31 AM > To: Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu> > Cc: Thomas Bellebaum <thomas.belleb...@aisec.fraunhofer.de>; > paul.wout...@aiven.io; tls@ietf.org > Subject: [EXTERNAL] [TLS] Re: [EXT] Re: WG Adoption Call for ML-KEM > Post-Quantum Key Agreement for TLS 1.3 > > On Thu, Apr 17, 2025 at 05:56:56PM +0000, Blumenthal, Uri - 0553 - MITLL > wrote: > > Since It looks like 3/4 of the audience holds position similar to mine > > - frankly, I don’t see why 3/4 must convince 1/4 that their position > > is valid (usually, it’s the other way around). > > We don't "vote" because majorities _can be wrong_. At any rate it's hard > to quantify the risks of pure PQ, and since there will be entities that > insist on it for their own internal uses, and since the codepoint > assignments exist, it's a bit over the top to say no when we can just > insist that these not be MTI and hope that [unlike Dual_EC] pure PQ gets no > usage outside of the orgs that require it. Though I'm not keen on pure PQ > yet, I do believe that the WG Chair's call was correct, but not just > because 3/4s support adoption, and I appreciate that the consensus is > strongly that pure PQ not be MTI. > > Nico > -- > > _______________________________________________ > TLS mailing list -- tls@ietf.org > To unsubscribe send an email to tls-le...@ietf.org > _______________________________________________ > TLS mailing list -- tls@ietf.org > To unsubscribe send an email to tls-le...@ietf.org >
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
