[TLS] Re: draft-connolly-tls-mlkem-key-agreement
Viktor Dukhovni <ietf-dane@dukhovni.org> Sat, 14 December 2024 07:59 UTC
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/CvC9VlgnXdF2jh_Ooqex0_bhaN0>
On Fri, Dec 13, 2024 at 08:24:24PM -0800, Joseph Salowey wrote:

> You continue to violate list policy with unprofessional commentary on other
> participants' motivations and repeatedly raising points that are out of
> scope. Please stop this behavior. This is the last warning before we will
> take action and temporarily ban you from the list; see BCP 94 [0].
>
> [0] https://datatracker.ietf.org/doc/html/rfc3934

I personally find this threat excessive under the circumstances, however
forceful, or insistent on being heard, Dan may be at times, history has
shown that he is often enough ultimately proved right, years or decades
later. However "inconvenient", IMHO his voice should not be suppressed.

If his strong view is that pure PQ KEMs (probably not just ML-KEM/Kyber),
are too novel to be responsibly relied on without a classical fallback,
then he should IMHO be able to forcefully make that case.

If there is nevertheless a demonstrable plurality of reputable
cryptographers on record as saying that *pure* PQ KEMs are (despite
initial implementation bugs) strong enough to move towards deployment,
then Dan's view may not prevail, but I do not find his posts to be beyond
the pale.

There were also (with IIRC Dan instrumental in bringing these to light)
some early side-channel issues in AES, that AFAIK still apply to some
reference pure software AES implementations, and when used securely, AES
is hardware assisted, or slower if counter-measures are implemented.

The AES issues were unfortunate, and ideally would have been identified
prior to standardisation, but proved "fixable". If we're in luck that'll
also be true with Kyber, but arguments for some caution don't come across
as unfounded.

--
    Viktor.