[TLS]Re: [EXTERNAL] Working Group Last Call for "Hybrid key exchange in TLS 1.3"
Douglas Stebila <dstebila@gmail.com> Wed, 14 August 2024 12:35 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/5g8wrMA4tpA2tq9isrMwec7U1JE>
My understanding from discussing with the TLS chairs is that they will separately seek to have the existing drafts containing Kyber code points updated to also include new code points for ML-KEM hybrids.

Douglas

> On Aug 13, 2024, at 5:37 PM, Andrei Popov <Andrei.Popov=40microsoft.com@dmarc.ietf.org> wrote:
>
> I think it would make sense to get new code points for hybrids based on the final ML-KEM spec, so that implementers don’t need to use pre-standard Kyber.
>
> Cheers,
>
> Andrei
>
> From: Thom Wiggers <thom@thomwiggers.nl>
> Sent: Tuesday, August 13, 2024 3:39 AM
> To: Deirdre Connolly <durumcrustulum@gmail.com>
> Cc: <tls@ietf.org> <tls@ietf.org>
> Subject: [EXTERNAL] [TLS]Re: Working Group Last Call for "Hybrid key exchange in TLS 1.3"
>
> Hi,
>
> I think this is great and what better time to do this than with the publication of FIPS 203 this week.
>
> The one thing that remains is that there are many references to Kyber, e.g. commenting on its key sizes fitting in the KeyShareEntry limitations; should those be updated to be references to ML-KEM?
>
> Cheers,
>
> Thom
>
>
> On 12 Aug 2024, at 21:50, Deirdre Connolly <durumcrustulum@gmail.com> wrote:
>
> This email starts the working group last call for the Internet-Draft "Hybrid key exchange in TLS 1.3", located here:
>
> https://datatracker.ietf.org/doc/draft-ietf-tls-hybrid-design/
>
> The WG last call will end 26th August 2024 @ 2359 UTC.
>
> Please review the draft and submit issues and pull requests via the GitHub repository that can be found at:
>
> https://github.com/dstebila/draft-ietf-tls-hybrid-design
>
> You can also send comments and feedback to tls@ietf.org.
>
> Cheers and thank you,
> Deirdre
>
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-leave@ietf.org