[Ssh] Re: draft-ietf-sshm-mlkem-hybrid-kex-07 ietf last call Opsdir review
Thomas.Graf@swisscom.com Thu, 15 January 2026 12:15 UTC
Return-Path: <Thomas.Graf@swisscom.com>
X-Original-To: ssh@mail2.ietf.org
Delivered-To: ssh@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id D4272A8084B8; Thu, 15 Jan 2026 04:15:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.397
X-Spam-Level:
X-Spam-Status: No, score=-4.397 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=swisscom.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cHdNNcboGWaL; Thu, 15 Jan 2026 04:15:49 -0800 (PST)
Received: from mail.swisscom.com (mailout120.swisscom.com [138.188.166.120]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 8899FA8084AF; Thu, 15 Jan 2026 04:15:49 -0800 (PST)
Received: by mail.swisscom.com; Thu, 15 Jan 2026 13:15:39 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=swisscom.com; s=iscm; t=1768479339; bh=DDmrSdh81eXNPFa4RYnDNkVzEPmruASo5rWt61r3/98=; h=MIME-Version:Content-Type:From:To:CC:Subject:Date:Message-ID: References:In-Reply-To; b=fr7NlRqC13h946tZFoJWacb6vUmBj0Dd+iSpoWCbJonrUGc1uJpiNrYvy9bXSY/r6 v40D95XrWAWcUXhjfDcRlp250fQH+sOIEqUG/n+ezQAaqYeZ/Du+ZuaXIle0qkrZVJ KFWSYAw3T8gQ6WqhAX9cOxpSF1XVRkZ1r/QWOMAgKeSXeqJAYuOjK/ZR8YVTOKpOAx gH5xw+2iHoKlTTtm4SBZT/5MP8w+8uG1+tPleR9DFAhotm+UxFb5eQk+Oda2LRsPeU Zvkm5wn0x5HY2aZ6cmoLitlBybv2oRktXoFg9rqOr5vTpappQ06bNiHCkeLAGJ/E9F wZfq1y3sQX+EA==
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="----=_Part_1946792_180483310.1768479339000"
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=v43v5r/8ckZPUdBi6BB1j50/W1+5pu0wf3S4EiT9dTBN89gBoR/ZO+CUY09BaV845zz6j2mYt5Ytmu97sOGvC23Ps+W+7nk68Z0mcyD8vyawOzYghzf7ykke0NobHk4HFjLQCUeaPmtv6ZNGeJlqECrAdQnZqitHhj5u8NYkyrj1S9CDau+nBsdkU8MKedoWsHmCDMx8KjzcEim9sNL2w3/m48ZjtssgqFqx1wXFL2cZcG5QYWRKkdQVO69EVL+hZuFvhONS0ewOLRHupl1VI1DZDiUObqAnvr9znfxwikqkf65G2yvJF43vY/57P9qaI3qbJdFRoddgyqOfUoYMPg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=yNLDjPTPcYSzdVBBzvgQTv8kEbsemBqSj1dgiM3SVJw=; b=AOakVqbc9mvbHJnurXKOTVShHLVil7JYB3njW882j6CTg72smUq7S6gxvrXdFpjYrVxjuYUQZUkoJwnjYXA3s7AHh1f1k0vVzeACE1AGbtlafTj1s/CKz4mlzSpU2zmOHJRQYAYhCi1TGtyYIF/AS5JCFGEEsHngs6w1lhjE0XUjmXtwHRKM6uZRdoYUyewUEu4thShUpSgILEQ9sTY6pxqDyO/WvufBj771bah10FPrYzRZ33inGG+j4LL46aJ9+BjiMSovsn5PQ2zMYw0/3aNjRy9yrC8+xofmqRJrhUh3H3g8DcXc3NkWqpSfMrtJgRWV0aOHpdBbmBy+4F4pyA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=swisscom.com; dmarc=pass action=none header.from=swisscom.com; dkim=pass header.d=swisscom.com; arc=none
From: Thomas.Graf@swisscom.com
To: kpanos@amazon.com, ops-dir@ietf.org
Thread-Topic: [Ssh] draft-ietf-sshm-mlkem-hybrid-kex-07 ietf last call Opsdir review
Thread-Index: AQHcfAemlQbMT3sPgUCJvP8T1WgMhLVTONzQ
Date: Thu, 15 Jan 2026 12:15:34 +0000
Message-ID: <ZR1P278MB117031DE6B18E8CB0D3E5427898CA@ZR1P278MB1170.CHEP278.PROD.OUTLOOK.COM>
References: <176726471587.2385097.4914446011489000331@dt-datatracker-5656579b89-p6k4r> <IA1PR18MB5423406E335F72A39C001648ABBBA@IA1PR18MB5423.namprd18.prod.outlook.com>
In-Reply-To: <IA1PR18MB5423406E335F72A39C001648ABBBA@IA1PR18MB5423.namprd18.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_ActionId=64cbd0ff-ade3-4b61-af14-ca8f2ce36a99;MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_ContentBits=0;MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_Enabled=true;MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_Method=Standard;MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_Name=C2 Internal;MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_SetDate=2026-01-15T12:14:12Z;MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_SiteId=364e5b87-c1c7-420d-9bee-c35d19b557a1;MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_Tag=10, 3, 0, 1;
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=swisscom.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: ZR1P278MB1170:EE_|ZR1P278MB1738:EE_
x-ms-office365-filtering-correlation-id: f2893e6b-e870-412e-120f-08de542fc8cd
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|366016|1800799024|376014|4022899009|38070700021;
x-microsoft-antispam-message-info: 1xfMuvvN2k2lfSP8s2e+XHt4ZjGcuxVC5A7VJ0cXqJCFk/zB86Et668VKNCjcP+Inc0oDIzESCZTehENay7zFpHk308fdpSLuDDeC0DcLrsCHypD8Rp30hFXEYqgV8kmMnndVE0Gdge77ccO+5xUK19lh9BjUajwJ/uYCnAJCmzruudX9VxAcEwMoKTiPHgWUdLxITkul2elC9D3K0RO5nFXe66nuxfvLmIdLo21b+omYjinfgrceilzNomgYpBPTlRujfaTYxSzdB75l2hOlYHkGp20H6GwKdXqOjRaUnX4ZDT6Xw05Y66u2y/mo5EMvndL6gJ7daBi5PI7jmwrJs6K7pH8DzUHekjnGelGrRSGwVON+jGt1+7U1lKCrWX8l3ERJaZPGnU77xVI1XCfLLtsyLj29jqtlTdDZoktBiUEcxMWs3yaLmKob4lXI3uqEuSht0xJ+K5WcJXtbgrrhd8SWYFGpYB0B+x5/gWtoS7dIlt7N74++KQR2A6AqzA6yb7Kr7SVyv5yH1+R9l5pXiUtX5Lv6y9aSjwgrwIeB+/5r2kp/OSBEunMlVsHJ04CPMurBBiWGy0O9NW3qss/vHDdKrEGRgq9U57qjpQ7qcxcsA8+OfmirGgsRlcXUXkD0Pyu2cNTCRVFaDdDiqc7V207OdxXwLhcui32oKxnhq9fjPFj9dYhD9K4kDQ7Lqmgz7uTrTFXAV/c3KGMHNa4f5Mg0lltZ3j9d+r3JdAa5faU4k7TWSM32JGBnrc8qMEjiJodtoXzpNS+PaLgSDux5QomAAI6rA3EsFSz6Wr9Ehc3JqEi3h9xjUDwfE9i2KuhxynnkgXrhBCvYR7JdaSEmhycNnBxv4ou4exmDgw2NI6d9bLW72ONw8TDW5cUa1Yhjw+y5MtD6gbBlGXreeFDS8Y8aGsRRQGaVkaQChgduzE2rxPgYj/cg2plQCIfQYIAK9tuK+ET/DAcWEeLceCk29fV2OLQiuIkyQmofhOauZkDqqukqdUKoZyRcEkWKK9kPP9+bqlkL+2/LIubbhj3XPojLIybSKRwj9ExgdOwtut/Ad3U8GsdZnUw3XpQID3GunaGA0WPihhdoVoDKUq4+iK+DSBadUObl5imCaEPOgYnBzf6qWYvO601ffExDT+Z0PSVfYHhJI9q9+dZ38a6Qkqxl/UMCNZbBbxf51SMwCeMPD/Xz1pznPcsaCp3olbLaJGO9h/B3OLrqGwIxJhAc5PTHg0KSRbxm20MSOv/9gE357ARVNtYBTcRg+/0uV7tfCoz2wSC6E/oj5DrxLQqgqL2LDJ7wHZwh/qz47bYH1D17j6cqmbn7rkuvajd2JbZXvtJ6IhCl30FQ/WXfony8Q6p3Gg80QjbB8ComsMZn5kwthvC5TURVJL+qICagimtaKbvZKszehcwUD4ItpyzWpDEgQRVXYK+td9QeZK2z+dHckNdX95YdN0LOHbGPrv4YqIozKdeQVKcBl0Ag1luLZszf1o1cykKMFxPtL+vI5hy0yj6/OyRLo78GHwDeGEgzuTKVGqPCW3IUCp0qQKNY7XE6w7anKuHvihdQuk7PyDcDGENgEG9PNenJUhx5Tp9u80nQfyQ5WSaNpyhPZduG6KfcLzPG/ysorLe+OryEdc=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:ZR1P278MB1170.CHEP278.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(376014)(4022899009)(38070700021);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: FJYAlZ8EyWb1+EopjpDrXnRnYV69V8/qhIc1DGkI4ek931ukXKKx7N36+pffwmf0i4r2U7aqFkWXTVxUrXBxcdlRSYIixElTlJ6zvhqTrJKk54czlyp8FPSaik9phdhGpLKxFcLD3/XCz0tgRSewMlNfwGvNxq6xnzVfNqw8KHrxBTMoc6FL0s55jUvupSwhn9as8svHdBRLFa+W4/xHnT1Zxpni8llZrfL+pgxYAanHKhDQk+4dnwxpS+XQZjknLkl61MPfJ6kSigY621vdVE9CNYVRYJhay4dy7Fi04J5xc3/ve+SuT+JQOW1aVhMkuYKeyullYClu7P+GY5uVyTenma6IZvpCnySZTZfFMZUzvLA2DKDMlOTv9itX87xo9wLwezLqMTMzODW2M8NDhY+01GmdoYJ8sN1L+OtIT8Mb0fCUEPfGJ1gdNIuB+YmEfWxDQj3ge+VEVmuTG1P9SNFgX5YLv5ZnK+sW2sEfKnzIdmR7+coQk12O7nrRxopQAiGHcWoM0K60j7+s+WELdv7V+hA+PuUIMbb380lREBEL1sWXvEMrPkBgAEActihCFj6kYQVE0hRcSjzW93UfhmJT3aYUi+Amd393bHKH8ezFL5kn+LHzYm7p389oq4U7P8ZrqRxuSqW6k6pkXjlSejEmySUCC5h2E2+3kDLekpGCsktdqrT84NNwcTqcseHdZgf+XIgz08AOuL3Zx5Kvj7R42vhm8fCO99lQx5DfPQ4YZzTx0yuRJG+Lxa7XAdbhL36kNR3mHaqIT7ZDrorrMa3tHM1QdlrMzBBwR8hQ3DwcPx7qZqfbMoKXvpD147/4FpvB9zSb+WerHt7sZuAeb9IaiqouLRp5vxHO0OsJPCpOXYr7ER6UMh+KOVI5MNjRNzJZ19LVhUvim3yIGsggc+aDhmahaW4HrNjA/Zmy1m7E9dY+n1zK5MoyYT0oN/XYF/QR1BxSq06oMQab61uq1ErWErYwkRTBL7gE216PkMIDvSxKnIoSB8+1juuJNDmSlvjf09kjOkWteD2J2skQ4Pl4GBMS53YcTEAIMEuzjP4fC4RmRyWhj2b+kwp3xNPSNc2QlW+eKT1chNsk/iMY9yMMo4oeJ2KI2FTOICvlyyKnu2c5f9KACII4/G8Bgsx57EoNZkCT3pltTG1srLuzTXvXMM6Vr6vhY78ZO0d9VNY3g/VFWzAfL/Osh76y4peWQpywkRMxq44alRKSQBMhMbg2pFnQv+LkbLPwMHKFwis4wZbufebxqeEyC5WSz6v9iOgTGpAorDloqw5/4qMfo8itx6jStpZNQEie6jgzDwztGXRT3J1xb1DW7RirKmQ9iaA9jixo4VjZuaKjl/i10R8WMM7eWsPjofsG3s1CtFNSRdOiyBg0izl7oprv13/gPsyV/F4fyQ4ARBSVxCJ5vtZASM167y9MWvu8mJdNGbrEfrChSOAPgbt+FhxIZ8xV9SRpE1iwcxwcMheQlqCSB23FsITAv0UaRLj0yOZ/vew3IuSgGIXe9iUDjP0lAC2kY2isj1SsBi+ZARXEQHLp7gF1eKIp3mZeNOjKIqOt//6WVjZiPqGyXKv+4q/xN0D8AbFqTFUAIqIa0NlTD3MprBvdPTWxjkQYhaS2H4zGpF8H2qGwEJHpG9qfzhXba+h8CKdP15AgD2RUg3ekL76pi3cvi+OW4J8yjAN4+V7mZFfgHMLClJDouYRKHu96jCCdBgrFSLqrq5gfOl0OE/WuOA==
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: ZR1P278MB1170.CHEP278.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: f2893e6b-e870-412e-120f-08de542fc8cd
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Jan 2026 12:15:34.2187 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 364e5b87-c1c7-420d-9bee-c35d19b557a1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: pfY1C07xEtSYrLrMO13jYj3EOq0Jc49WDZ7/mTSUQA9YzIGcdB2Ax4BMj5WaJHNN1XGvNT4i9m7vGkF6MhBRLkNb0XXXmH+taPhZPPXceIY=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: ZR1P278MB1738
X-OriginatorOrg: swisscom.com
X-CFilter-Loop: Reflected
X-Mailer: Totemo_TrustMail_(Notification)
X-Trustmail: processed
Message-ID-Hash: E5YBSFT52UGGLY5COIYPJV5C64XRPKZH
X-Message-ID-Hash: E5YBSFT52UGGLY5COIYPJV5C64XRPKZH
X-MailFrom: Thomas.Graf@swisscom.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-sshm-mlkem-hybrid-kex.all@ietf.org, last-call@ietf.org, ssh@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Ssh] Re: draft-ietf-sshm-mlkem-hybrid-kex-07 ietf last call Opsdir review
List-Id: "The SSH mail list will allow discussions on improving aspects of the Secure Shell (SSH) protocol." <ssh.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ssh/tB1u_DDtDykRnpbsTkRbNrRQCQQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ssh>
List-Help: <mailto:ssh-request@ietf.org?subject=help>
List-Owner: <mailto:ssh-owner@ietf.org>
List-Post: <mailto:ssh@ietf.org>
List-Subscribe: <mailto:ssh-join@ietf.org>
List-Unsubscribe: <mailto:ssh-leave@ietf.org>
Dear Panos, Thanks a lot. I reviewed the changes (https://author-tools.ietf.org/iddiff?url1=draft-ietf-sshm-mlkem-hybrid-kex-07&url2=draft-ietf-sshm-mlkem-hybrid-kex-08&difftype=--html) You addressed my comments. Thanks you very much! Best wishes Thomas -----Original Message----- From: Kampanakis, Panos <kpanos@amazon.com> Sent: Friday, January 2, 2026 5:48 PM To: Graf Thomas, SCS-INI-NET-VNC-E2E <Thomas.Graf@swisscom.com>; ops-dir@ietf.org Cc: draft-ietf-sshm-mlkem-hybrid-kex.all@ietf.org; last-call@ietf.org; ssh@ietf.org Subject: RE: [Ssh] draft-ietf-sshm-mlkem-hybrid-kex-07 ietf last call Opsdir review Be aware: This is an external email. Thank you, Thomas and Happy New Year. I addressed these and they will be in the next update. I did not add special mentions to the implementations, because the new methods are deployed in lots of SSH applications now., it will be futile to mention 3-4 of them. -----Original Message----- From: Thomas Graf via Datatracker <noreply@ietf.org> Sent: Thursday, January 1, 2026 5:52 AM To: ops-dir@ietf.org Cc: draft-ietf-sshm-mlkem-hybrid-kex.all@ietf.org; last-call@ietf.org; ssh@ietf.org Subject: [EXTERNAL] [Ssh] draft-ietf-sshm-mlkem-hybrid-kex-07 ietf last call Opsdir review CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe. Document: draft-ietf-sshm-mlkem-hybrid-kex Title: PQ/T Hybrid Key Exchange with ML-KEM in SSH Reviewer: Thomas Graf Review result: Ready Hi, I have been selected as the Operational Directorate (opsdir) reviewer for this Internet-Draft. The Operational Directorate reviews all operational and management-related Internet-Drafts to ensure alignment with operational best practices and that adequate operational considerations are covered. A complete set of _"Guidelines for Considering Operations and Management in IETF Specifications"_ can be found at https://datatracker.ietf.org/doc/draft-opsarea-rfc5706bis/. While these comments are primarily for the Operations and Management Area Directors (Ops ADs), the authors should consider them alongside other feedback received. - Document: [draft-ietf-sshm-mlkem-hybrid-kex-07] - Reviewer: [Thomas Graf] - Review Date: [01.01.2026] - Intended Status: [Informational] This document defines Post-Quantum Traditional (PQ/T) Hybrid key exchange methods using the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) standard and traditional Elliptic-curve Diffie-Hellman (ECDH) key exchange schemes for extending the SSH Transport Layer Protocol. I have reviewed the document and its references. I am not a cryptography expert and therefore won't be able to judge and comment on the security related statements. My focus is primarily on operations and manageability. The document is straightforward and very well written. Therefore my comments are rather minor. --- ## Summary Choose one: - Ready: No issues found. This document is ready for publication. ## General Operational Comments Alignment with RFC 5706bis https://datatracker.ietf.org/doc/html/draft-ietf-opsawg-rfc5706bis gives guidance on operations and manageability of new protocols or extension. In the following sentence This document addresses the problem by extending the SSH Transport Layer Protocol [RFC4253] key exchange I suggest to reference https://datatracker.ietf.org/doc/html/rfc4253#section-7 specifically and consider in the document to briefly mention the migration path https://datatracker.ietf.org/doc/html/draft-ietf-opsawg-rfc5706bis-01#section-4.3 to ML-KEM. In the following sentence An implementation adhering to [RFC4253] must be able to support packets with an uncompressed payload length of 32768 bytes or less and a total packet size of 35000 bytes or less (including 'packet_length', 'padding_length', 'payload', 'random padding', and 'mac'). I also suggest to reference https://datatracker.ietf.org/doc/html/rfc4253#section-6.1 specifically. I understood that the section 2.3 defined methods does not impose such issues while other post-quantum key exchange schemes might impose such problems. In the Acknowledgements section the authors describe that there are existing implementations. Please consider writing a "Implementation Status" section as described in https://datatracker.ietf.org/doc/html/rfc7942#section-2 or/and link the open-source implementation in the data tracker. --- _______________________________________________ Ssh mailing list -- ssh@ietf.org To unsubscribe send an email to ssh-leave@ietf.org
- [Ssh] draft-ietf-sshm-mlkem-hybrid-kex-07 ietf la… Thomas Graf via Datatracker
- [Ssh] Re: draft-ietf-sshm-mlkem-hybrid-kex-07 iet… Kampanakis, Panos
- [Ssh] Re: draft-ietf-sshm-mlkem-hybrid-kex-07 iet… Thomas.Graf