IETF Logo Mail Archive

[TLS] Re: WG Adoption Call for Post-Quantum Hybrid ECDHE-MLKEM Key Agreement for TLSv1.3

David Benjamin <davidben@chromium.org> Wed, 26 February 2025 20:35 UTC

Return-Path: <davidben@google.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id B137F236BE0 for <tls@mail2.ietf.org>; Wed, 26 Feb 2025 12:35:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -9.939
X-Spam-Level:
X-Spam-Status: No, score=-9.939 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.442, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietfa.org (amavisd-new); dkim=pass (1024-bit key) header.d=chromium.org
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietfa.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 40Hll5Y5qXek for <tls@mail2.ietf.org>; Wed, 26 Feb 2025 12:35:36 -0800 (PST)
Received: from mail-ed1-x531.google.com (mail-ed1-x531.google.com [IPv6:2a00:1450:4864:20::531]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 85C5E23686E for <tls@ietf.org>; Wed, 26 Feb 2025 12:34:44 -0800 (PST)
Received: by mail-ed1-x531.google.com with SMTP id 4fb4d7f45d1cf-5e050b1491eso2241208a12.0 for <tls@ietf.org>; Wed, 26 Feb 2025 12:34:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1740602083; x=1741206883; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=xrXzyOrRDYySgPH2SMHbT8xqgatogb+62+RiPA6BNgU=; b=gBGbtGXKr1QULxKBaxN8GoEnMe1s9RzA4Se8Q2oP3Uh5R96yhuTS6LKWWVSSaZTopH bNrZzxDdVAeZBt0Hf+bRoHUYTHnKav6eb58v7rDq0+xWw3ejVCeJCfhQkusD1WwRMh13 uEdZkEVsdSR1I6yrM0l1ot6NxKZJhYZNIzm58=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740602083; x=1741206883; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=xrXzyOrRDYySgPH2SMHbT8xqgatogb+62+RiPA6BNgU=; b=EhukjNtPPefgie1CQ+RHeVSeMuS+ASZe3MKrlWkN67XzTXHIPYE16mKomfO6tRi72a ggKu8x37fAgmkbIGIVgIES47ACTA8357eDgoKtofHuyHp+FzdaP5hNqwqcv6Kd0kBL9j q63yhJm//TEvCpTwsctCIMaa59K7x9EcaceOOZW2/6dO1Ob9hBj+zj5kmfw5mINKpvrc gW/KzAswxcTECBNCsf9H+YbjopFujbwHAsDR0Jke8gHFxLSupOdtqXT/FtlMraWds/cX tkB6znaqt6+JEADdtZ/6a4TxDTatBXd9mXx3j50aw/6DL4SG9QSClja9rFGepO2qqtvp hgQw==
X-Forwarded-Encrypted: i=1; AJvYcCXiEg4xHhsVKxFwTLd1WUXWrY1ZPETKUS+rb656BRIlHpLejm+Td+UTQOfa46yVx510uP8=@ietf.org
X-Gm-Message-State: AOJu0Yz9tfnfGa6isdk6U9kcGm5KuNtpEsZkdQKrZX3iJ8Ro/Lzly2p9 RIO94/R8xfOmD98iRbGdmd+G4D2cLZhCGj27q9cx9+r64oK2muFDGiZCvgmot/pVOWzHYw5Eghl Q/uW9vCP+ifi6zWXz9zPH2bBlOG2pRftFOGs=
X-Gm-Gg: ASbGncuOG7TMF/On27f50wlfMjV5hn3rxIMafCj10AtOu3aCupdLT3Zb69UK48euqkn L83N2SD9nreKSL9LlOmCwKrFy3vTVvxutkafhHDTSWVGQsxT8RaOcs41pkLCgQ1CDqNfZzNzbs9 O6dd5LB2z/GLWAtuYtATnKj9RvTwaH+ZI=
X-Google-Smtp-Source: AGHT+IEeBHYqm0VZ44IeYZn1VVGECv5ttHgNsi4j0uO+3Iu5yIMoJ9cc51TVUPqiCrt8K9tThlQRO1asEM+cZzMLo5E=
X-Received: by 2002:a17:907:18c7:b0:abc:2aca:e5e1 with SMTP id a640c23a62f3a-abf05e0505fmr116616766b.8.1740602083355; Wed, 26 Feb 2025 12:34:43 -0800 (PST)
MIME-Version: 1.0
References: <68EDF12D-1C97-4823-AFFE-19BF261D7034@sn3rd.com> <E0D776C8-FD56-4D0B-BDC1-3AB88A8CEE88@heapingbits.net> <CAF8qwaDOEGkNHX9GWic30KYZAJ5yTXmjA3xnyV7cENUNh5pyDw@mail.gmail.com> <4D6B1665-4E99-437D-BF8F-1F47383F6976@heapingbits.net>
In-Reply-To: <4D6B1665-4E99-437D-BF8F-1F47383F6976@heapingbits.net>
From: David Benjamin <davidben@chromium.org>
Date: Wed, 26 Feb 2025 15:34:24 -0500
X-Gm-Features: AQ5f1Jo9I5tTsH_XZFgrMDktnIrcYsnE1iD3Ay5f4IZ0BukauL7btOm-7SeCeBs
Message-ID: <CAF8qwaDt3wSEkO3DNaN6ufRiAnw12ET0KF6R9DMsTViTmuSo1A@mail.gmail.com>
To: Christopher Wood <caw@heapingbits.net>
Content-Type: multipart/alternative; boundary="000000000000e058d2062f11803b"
Message-ID-Hash: ZWNTHW6O64FCQE4ILMVPVE4WBB7BSUX4
X-Message-ID-Hash: ZWNTHW6O64FCQE4ILMVPVE4WBB7BSUX4
X-MailFrom: davidben@google.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "TLS@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: WG Adoption Call for Post-Quantum Hybrid ECDHE-MLKEM Key Agreement for TLSv1.3
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/DEXg1RKoYwif_oKyUcQy2Int_og>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

On Wed, Feb 26, 2025 at 3:20 PM Christopher Wood <caw@heapingbits.net>
wrote:

> Being concerned about the WG's time makes sense, but given that this is a
> case where the WG has gotten very very behind running code, hopefully we
> can try to stamp this one with minimal fuss and time spent. After all,
> we've already been debating the finer points of this one since before this
> document existed. To that end, I would suggest that we all try to progress
> this document quickly. :-)
>
>
> Definitely. Maybe we can adopt before Bangkok and then start WGLC
> immediately after. =)
>

+1


> Best,
> Chris
>
>
> David
>
> On Wed, Feb 26, 2025 at 2:45 PM Christopher Wood <caw@heapingbits.net>
> wrote:
>
>> As I understand it, the purpose of this draft is to specify an
>> interoperable key exchange mechanism that we can deploy. The draft already
>> has code points allocated to it, and they exist in the registry
>> <https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8>,
>> so I wonder: what is the point of adopting this draft when the important
>> work is already done? If it’s that some folks won’t implement it until
>> there’s an RFC number assigned to it, well, that’s pretty silly. I support
>> adoption if it helps this work get implemented more broadly, but I think
>> it’s worth asking whether or not this is a good use of an already busy
>> working group’s time.
>>
>> Best,
>> Chris
>>
>> On Feb 26, 2025, at 1:26 PM, Sean Turner <sean@sn3rd.com> wrote:
>>
>> At IETF 121, the WG discussed “Post-Quantum Hybrid ECDHE-MLKEM Key
>> Agreement for TLSv1.3”; see [0] and [1]. We also had some discussion in an
>> information gathering thread; see [2]. We would like to now determine
>> whether there is support to adopt this I-D. If you support adoption and are
>> willing to review and contribute text, please send a message to the list.
>> If you do not support adoption of this I-D, please send a message to the
>> list and indicate why. This WG adoption call will close at 2359 UTC on 12
>> March 2025.
>>
>> One special note: this adoption call has nothing to do with picking the
>> mandatory-to-implement cipher suites in TLS.
>>
>> Thanks,
>> Sean & Joe
>>
>> [0] Link to I-D:
>> https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-mlkem/
>> [1] Link to slides:
>> https://datatracker.ietf.org/meeting/121/materials/slides-121-tls-post-quantum-hybrid-ecdhe-mlkem-key-agreement-for-tlsv13-00
>> [2] Link to information gather thread:
>> https://mailarchive.ietf.org/arch/msg/tls/yGZV5dBTcxHJhG-JtfaP6beTd68/
>> _______________________________________________
>> TLS mailing list -- tls@ietf.org
>> To unsubscribe send an email to tls-leave@ietf.org
>>
>>
>> _______________________________________________
>> TLS mailing list -- tls@ietf.org
>> To unsubscribe send an email to tls-leave@ietf.org
>>
>
>

v2.29.0 | Report a Bug | By Email | System Status