IETF Logo Mail Archive

[saag] Re: NIST Requests Comments on SP 800-52 Rev. 2 | Selection, Configuration, and Use of TLS Implementations

Eric Rescorla <ekr@rtfm.com> Mon, 01 June 2026 22:46 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: saag@mail2.ietf.org
Delivered-To: saag@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 672A6F8EEEFE for <saag@mail2.ietf.org>; Mon, 1 Jun 2026 15:46:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1780353981; bh=kjOC5OTJOgxUnu8Cn6oNERC9ot3CQHN4bK5FKrim9PU=; h=References:In-Reply-To:From:Date:Subject:To:Cc; b=k682RlR1b7KZeqYTwjhv0ZZ40+O7Q1HJCgfymBhOERP5MHdBnW8B7rJ+nG6vSbc4z D1zZag1IdGJZ2+NCxBOKKY+IdYjgWpP/6nCLmQ/T/58+9+9cz7q9UN1C7tLxKqvihO vOz2GTEpWGHfITmArcQNbMJuDdj8Lfy/0KIsSmZ8=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20251104.gappssmtp.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sz7Uy_4LyLD1 for <saag@mail2.ietf.org>; Mon, 1 Jun 2026 15:46:20 -0700 (PDT)
Received: from mail-yw1-x1131.google.com (mail-yw1-x1131.google.com [IPv6:2607:f8b0:4864:20::1131]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id B7D34F8EEEF3 for <saag@ietf.org>; Mon, 1 Jun 2026 15:46:20 -0700 (PDT)
Received: by mail-yw1-x1131.google.com with SMTP id 00721157ae682-7dee6b76a73so33547807b3.0 for <saag@ietf.org>; Mon, 01 Jun 2026 15:46:20 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1780353974; cv=none; d=google.com; s=arc-20240605; b=NgzNh2Ni/TEwDssS/xM2olV2rKkJezWOEbwE9zN+4msetiQ41TMWlzjyR8GY354t53 UgxmFKEft0xqxrLTPs8SxsI4U0R3WYIF3DOJvCq/HHNkOvQgfG5m4zDaDkLMYua3tRTH wthSQUYPicAMzHPzV0BjXUUIDTV43vBGWeo21ZGwczseqgeYJx88dGCCMeXREfYGDktV 59Aq96qi2tzg6GvVR2tpPj04RLtpshKXeZd+YGPAVEQHELNLtwoivm149UzYj+UGlGAW A25YCJc00KBzDJgNsOGUPfYMb3DF+d+q1uy4mzIyLF0daOoiHNqaqQTEyHbpzEth9ZlF S7tQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature; bh=RbdNU6ZE0xxmT6xHb9lNESD1MlVlBDSoUjGP5AoZ5lQ=; fh=LoQXilaOE8KewjiuHBGZ246VscENMMcPM2KnWGYXuVs=; b=X0/GDnBMyFJhIoc893+dkX9i1a0h1r5WzV0ollUFRAf46KvKB+ul+FfG/xVaviLmc7 WuxHz4M4+jXVU6MX4O5UmCulCY5qbrA5HDDOhPRGy0FKkcWkRpACdjQsW5rH+o+JaFDm Zqa1AJhjRsYkhvb7Pf5ruGrmXyLXSSRCKLCyzetmUzUFN3o/AYSc2tC8ks/hG5eWTXsb w+Y7qbkBOG54ozKNijKycJaEnR3itcWZMKBr+ZBu+2WVZ0VtQ1r8NkOQtfA6ColfaPY7 k8nLjyDXCmJQu4EO2TCWUH7bElVmrdGMygLQ+XtV2xGu7CkEkpV+uXreTCDpgo8FHfjQ UC/Q==; darn=ietf.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20251104.gappssmtp.com; s=20251104; t=1780353974; x=1780958774; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=RbdNU6ZE0xxmT6xHb9lNESD1MlVlBDSoUjGP5AoZ5lQ=; b=nYa8WpCs+TywzKK3B5azH2HBFLKWuzzGIajxB3wle+1v+tWo8hESU+rHSwKOAj4MqL zQs7l02CNyz2rsMeZ6EcnIfVxowG+8pcH9e/A+/tS+b2ZJ/WBlBXoZKfllWdNI2MuQJx kLpcelLPSFdk+YrU91abm6yxCnOlaqCqkR/KgvvLNyTpmrIU/WArt4ipihGLo2yTgDv3 cfY4prdBpG3r3cWp8hlmOCBBDmj9FtS4A55cG9+eBgCeKdZioXJ6xFnGqIzTqOfIduQU EMA3LcJJTJIl42TBowgIW0qcDbxQKN4NlfoLW9r7B5ipYuC4VO93IhFcxdfK5gwaWccZ cqhw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1780353974; x=1780958774; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=RbdNU6ZE0xxmT6xHb9lNESD1MlVlBDSoUjGP5AoZ5lQ=; b=Uwzw1/XPEX2ixhqyPhVoHGnXBqNyDFhQgEYksQKaZ3xLzCbYioVxJwqHITWfvoh2zA OoJKdTcYuugft08e8H/97Gvp1xlfhhIKhlJ0VUFcQwD7GdsmXP5kglH4uYrwUk8uneW9 TN4PzIB7GSafXCdMtN0RxFMX8DLrDoU8ALk4c9up2nUWAbAEk2IX9fntnCSSAElXHq5C FPcq+mUDX/en3eO8CDZZJ5V7CHqQoBZIEwM+xy3t5zeRkS5alglgZQkyprYws310PyjV nPdY9S7wZnd4u2TkuFb55gJ7cg2HMjZas3bWQysUpyvtiO81Fyku6KSG5RAWRL+FQ3ps ZxSQ==
X-Gm-Message-State: AOJu0YzeXavLvU4c/0IEh6DY2zpfc7AxwYXn9Z+MpPKncKjaJxeqLYyZ E29RtkLEUWgO6L/wm4MzU07Hq+WcvrfJW2lNFNi7y7PDJdEoC2vWBIt2eyW/XflNT8/MIQNnmU0 jsE0xz0D2Mzl0DxWVgdkBqycXvnC+SfxQwij5qJTVldvgNIeheIwW
X-Gm-Gg: Acq92OGd/Lan7DHkOGdLwbOPgtWS9/ntL5JYf20ZQI3+BhFMK9bsIP4CAw+xSHX5wvl Iwfca+VsOVy+vHVqGBaMyOyM0K9wNbw9Px4nN+UmQvAG1oHCsYhlU698fHNOtuWSfXdgAE4t4QY Apq2IbnqVZfdZ6lbydkk/lGYjTYfII1oVa/m3T0sHyooe814oUAowk48iN1ok+K5ozJkEXgQug9 ap0xG1tNyuA2VdRyr0hSxItSDkcGVKpcUJSXzRnTIoDqlEnvtWReNyn2vIHbrduWe9kZ76qaQUW jCv37hqjJGSo60txp8gvp5zkPiRl0/fi06r2dLN+0+8tagUIfr2kb1oy9Ui2XmnmiIuHJcLGZjX nyorflA84GqwJzinYRNfaETucORc352Sz
X-Received: by 2002:a05:690c:3693:b0:7ba:f1a2:a448 with SMTP id 00721157ae682-7e057bb5893mr122945987b3.10.1780353973899; Mon, 01 Jun 2026 15:46:13 -0700 (PDT)
MIME-Version: 1.0
References: <MW4PR09MB1005943C991FACA9F73AD6806F33C2@MW4PR09MB10059.namprd09.prod.outlook.com> <CABcZeBOQYDPugjSSLuRKaB5DnwJigdZRjHwuVvysZAg0XWJeYg@mail.gmail.com>
In-Reply-To: <CABcZeBOQYDPugjSSLuRKaB5DnwJigdZRjHwuVvysZAg0XWJeYg@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 01 Jun 2026 15:45:37 -0700
X-Gm-Features: AVHnY4I0qLaNGBbS1aWd10tPCYPSqI0_avaxNs_L9gqDFWtMsyGGfqTL5U12KXg
Message-ID: <CABcZeBMBnYXGaXLR-ur2Zotp9Onm0=YpkWBoS684AL9Mx2ZuTg@mail.gmail.com>
To: "Dang, Quynh H. (Fed)" <quynh.dang=40nist.gov@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="0000000000003069da065338f66c"
Message-ID-Hash: J2ET4S4FJYGIJSP3FGD3OC3GHW5AGC7X
X-Message-ID-Hash: J2ET4S4FJYGIJSP3FGD3OC3GHW5AGC7X
X-MailFrom: ekr@rtfm.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-saag.ietf.org-0; header-match-saag.ietf.org-1; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: IETF SAAG <saag@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [saag] Re: NIST Requests Comments on SP 800-52 Rev. 2 | Selection, Configuration, and Use of TLS Implementations
List-Id: Security Area Advisory Group <saag.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/ndX15sty0pqLOdZlSMvzHJAXkPw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Owner: <mailto:saag-owner@ietf.org>
List-Post: <mailto:saag@ietf.org>
List-Subscribe: <mailto:saag-join@ietf.org>
List-Unsubscribe: <mailto:saag-leave@ietf.org>

Hi Quynh,

Are you able to advise on this question?

Thanks,
-Ekr


On Thu, May 7, 2026 at 2:11 PM Eric Rescorla <ekr@rtfm.com> wrote:

> Hi Quynh,
>
> I started looking at this document and I wanted to level set on
> expectations.
>
> The latest version of this document is from 2019 and it really is in
> fairly bad need of  revision beyond the questions asked on the NIST page.
>
> Is there some plan to do that? If so, can you share that plan, including
> the timeline? Otherwise I fear that we're going to be making a lot of
> duplicative comments. For example, I would expect everyone to suggest that
> you recommend if not require PQ algorithms.
>
> -Ekr
>
>
> On Thu, May 7, 2026 at 10:11 AM Dang, Quynh H. (Fed) <quynh.dang=
> 40nist.gov@dmarc.ietf.org> wrote:
>
>> Hi SAAG members,
>>
>>
>>
>> We have posted a request of comments on SP 800-52 Rev. 2 | Selection,
>> Configuration, and Use of TLS Implementations at
>> https://csrc.nist.gov/news/2026/tls-comment-on-sp-800-52-rev-2 .
>>
>>
>>
>> The comment period is open through July 10th, 2026.
>>
>>
>>
>> Regards,
>>
>> Quynh Dang.
>> _______________________________________________
>> saag mailing list -- saag@ietf.org
>> To unsubscribe send an email to saag-leave@ietf.org
>>
>

v2.46.0 | Report a Bug | By Email | System Status