[TLS] Re: draft-kwiatkowski-tls-ecdhe-mlkem and P-384

kris <kris@amongbytes.com> Mon, 09 September 2024 00:04 UTC

From: kris <kris@amongbytes.com>
To: Alicja Kario <hkario@redhat.com>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: draft-kwiatkowski-tls-ecdhe-mlkem and P-384
Date: Mon, 09 Sep 2024 00:04:48 +0000
Message-ID: <679c304083b546d69b630fa81b3d87b7@amongbytes.com>
References: <def1e084-759e-471c-831f-2a40c7d40209@redhat.com>
In-Reply-To: <def1e084-759e-471c-831f-2a40c7d40209@redhat.com>
Subject: [TLS] Re: draft-kwiatkowski-tls-ecdhe-mlkem and P-384
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/AFY_9IAvpMeMcsBSfPwJ3qjBhDo>

Hello,

I'm sorry, possibly I've missed some emails.
If there is interest, I propose we add it to the existing draft, publish version -03 and request a code point.
The repo is here:
https://github.com/post-quantum-cryptography/draft-kwiatkowski-tls-ecdhe-mlkem

Feel free to open a PR.

Cheers,
Kris

________________________________
From: Alicja Kario <hkario@redhat.com>
Sent: Saturday, September 7, 2024 12:39:30 AM
To: kris; tls@ietf.org
Subject: draft-kwiatkowski-tls-ecdhe-mlkem and P-384

Hello,

What's the situation with other groups for TLS 1.3?
Specifically, are there any plans to specify SecP384r1MLKEM1024?

As mentioned in multiple emails already, high security systems
already have a strict requirement to use P-384 curve exclusively.
Similarly, for post-quantum resistance they will be required
to use ML-KEM-1024.

Will you add it to the draft, or should we start work on a
separate one that defines those hybrid algorithms?
--
Regards,
Alicja (nee Hubert) Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00, Brno, Czech Republic