Hiya,
On 17/04/2025 18:56, Blumenthal, Uri - 0553 - MITLL wrote:
One reason hybrids add risks is the practical implementation/ deployment/processes/management/maintenance part, as opposed to treating the issue as a pure mathematical formula - which deployed software apparently is not (some might argue that it should be, I let the reality speak for itself).
I'm relatively confident that the set of implementations that only do pure-PQ and don't do hybrid will be so small as to make the above an unconvincing argument.
Since It looks like 3/4 of the audience holds position similar to mine - frankly, I don’t see why 3/4 must convince 1/4 that their position is valid (usually, it’s the other way around).
You are conflating the set of positions of all those who wanted to adopt the draft with your own position. The two likely differ. Cheers, S. PS: Yes it can get tedious dealing with others' arguments. But that's what's needed generally even if it takes a while to understand what other people mean.
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
