IETF Logo Mail Archive

[TLS] Re: [EXT] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3

Stephen Farrell <stephen.farrell@cs.tcd.ie> Thu, 17 April 2025 18:09 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 4D00A1DBFEC2 for <tls@mail2.ietf.org>; Thu, 17 Apr 2025 11:09:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CjxZsyD2HjfJ for <tls@mail2.ietf.org>; Thu, 17 Apr 2025 11:09:35 -0700 (PDT)
Received: from DUZPR83CU001.outbound.protection.outlook.com (mail-northeuropeazon11023136.outbound.protection.outlook.com [52.101.67.136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id D46A71DBFEAB for <tls@ietf.org>; Thu, 17 Apr 2025 11:09:34 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=VpOTD07y0dAEEDSCisFj7kL995lWKxylxHYRWeKmn7jNAcIt35BCOvde4+UlLGkVsfzGGCrxjRngmlDGdRhCrPacsFAgQc7QMDVfGDSfNE4GrW9j5PGbvakx1zvGYBmY49Cmv2VmkR/Ct4EAaK2a5hQFJ5XEoFdsla83MrwFTFTNjA4zz/nxN0ReT8nri6ob3n4b65rk9LLRJh/HfR3OZAN78/hQqwPV97gj9exmWvoHdUK0EHNBDy9Vuq/jK1DtLKWBC+TGIJTA+1o3pgQZTNyL8DcHWNR9Pp4r3RhRNHacqmPMxoE1Rca8AYeDNg1kCPzKXIkO2YSEOPY7Lm9dnw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ImY14V+eybKssIp+u7EhYsIyg9o8wWMSMiLwRqEqd1E=; b=mN2iJzUp4t9HWvRTeGNzaSy+ooaZYXNpZCgtO/x3jouHXji1Nx4isogZHua7VLDno22tldtoG2KuFVeUI1hwk4lOxBMXkn10hWeLyev2QT6aBqOfin/0LPNmSBfG+BlSwjNDB6oGTJPjCXDo+qwkMpjMD9BWzV8yODq81ehCsZND9jxBEfmgOqFnMaJqNUpEsQFnZFzu9chTjTTEuX24W3jf0EQY1bxossE5uTenNV7pVOk8ZYL5r1Q0nAmX0mT73lE/n6J70lu3cF6vCsg0PhXEtX/C4AlWvuXZKndU/+Cb3iGNfFVQ+qfRzMc7Q7ZVa/YDhBPI0JpYq2lKlebm4g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ImY14V+eybKssIp+u7EhYsIyg9o8wWMSMiLwRqEqd1E=; b=E3XqazuRsAgIJ3qDdAmx20o8J3Zq0HJszZak4O1+nFN5FSajET+zCOQvTI+jH5ZEwVvmx8qsHk8vZRVAp7j3NzjX5GIs42apJLTr+gV5NNDeGe7cP3jvN+NsNKEGL/+pjCRZnIoyo0STetNGSTcQBxLRF56boHUUhEpdgOKY60rKj0jtdpSQSTS960CSbaPj9nlqttEKZQS9f3t13u3dqaUehvv+nOO74ntTJq8N9WL5rvCWuqSyoCMhR2OurpvuOb3MfgKFeZKcLpWbXGe8z1JE5UDYJeyYXH8EMSDXyDrv2Dio9H7hhbyHkqL+6Y6Lf5Q4qffybn9v5ptOjAkiog==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB8PR02MB5946.eurprd02.prod.outlook.com (2603:10a6:10:11c::16) by PAVPR02MB9794.eurprd02.prod.outlook.com (2603:10a6:102:313::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8632.34; Thu, 17 Apr 2025 18:09:31 +0000
Received: from DB8PR02MB5946.eurprd02.prod.outlook.com ([fe80::e0d3:772e:a68d:d54a]) by DB8PR02MB5946.eurprd02.prod.outlook.com ([fe80::e0d3:772e:a68d:d54a%6]) with mapi id 15.20.8655.025; Thu, 17 Apr 2025 18:09:31 +0000
Message-ID: <53e89655-97b5-43fc-a0b2-3f341fbc572c@cs.tcd.ie>
Date: Thu, 17 Apr 2025 19:09:28 +0100
User-Agent: Mozilla Thunderbird
To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
References: <ca271cd7-1489-45a5-85b0-35dca4cbdddd@cs.tcd.ie> <CC953DB0-3051-4231-AA65-475638FEAE45@ll.mit.edu>
Content-Language: en-US
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Autocrypt: addr=stephen.farrell@cs.tcd.ie; keydata= xjMEY9GzphYJKwYBBAHaRw8BAQdAo6JvjmSbxHdQWPZdvciQYsHhM1NxQBU398Mmimoy4p7N M1N0ZXBoZW4gRmFycmVsbCAoMjU1MTkpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPsKQ BBMWCAA4FiEEMG54R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwMFCwkIBwIGFQoJCAsCBBYC AwECHgECF4AACgkQ5Njp+ZeoM93bogEA25ElRyX0wwg+kGEN1AoL60MoZfvQZ/VtmXY6IC5j +csBAIBpkL5ySuzJK2zLNZn9qQGht8IaUcA7cvDcLvS2uHUEzjgEY9GzphIKKwYBBAGXVQEF AQEHQILCPWOwW36e8D3pY8GmvvtItIT+A5uV80ist+WokVsQAwEIB8J4BBgWCAAgFiEEMG54 R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwwACgkQ5Njp+ZeoM92bcAEA8R+8cpqRUIS+SoAN iO05xE6O/wEx8/e88BqzAYki3SoBAOQdwiPX+MQrAxkWD8xxOsdMOAtxYKpkD1n8aPJUw6QJ
In-Reply-To: <CC953DB0-3051-4231-AA65-475638FEAE45@ll.mit.edu>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------tYcXViVNAdd2d0qgyHgRoq6H"
X-ClientProxiedBy: LO4P265CA0193.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:318::7) To DB8PR02MB5946.eurprd02.prod.outlook.com (2603:10a6:10:11c::16)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB8PR02MB5946:EE_|PAVPR02MB9794:EE_
X-MS-Office365-Filtering-Correlation-Id: e9969bad-bfae-4153-ccf5-08dd7ddb0055
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|10070799003|376014|366016;
X-Microsoft-Antispam-Message-Info: D5B50sD8rPVLmTcII+hZT5xdfemn73kkxTNrDXy4Ppl9I+KUo3+bZq1ELJSeNFnU+xONMKCU6YOprko5j+HObE1zeCBK5CLqJlhOEdMITM76895ehG+AzrDyJ1dI28Ke/3i15nsTNHzBreOfVu32cKyRYMzHB19ye8XRHkXublaQeb7bbq5UnGAw0ebbJuE7azEwoOLUrNmehgqaoaQn9p+6HN+djxBUS2WKeidsOQkcdwP/SV/YYfBAdEFZA7rZk7ZnR4//WlgSrVnUcl7bHp28QyX3FOV5t4A+ISL2WFzJF2V7ZZtVDbh6NEstJFfejV/gNNjYfzjs0vjiVkLzv3BaFGErSawqMIQflQUlAhnazzB0+R3uMNrWflkBz2PgI81dmDUfh/uHJDjgoRuOknqAYLIbQ5bSL0ykOcyaFPWSq2ZJyXGBsrsDQbju8AJ9rn4OmW8hSyrMpTt02FvpkioidQRImNTZft2jpCKFJtDR45TFeLWmOUG5MfVZqAWeA/VR4uapla4Ofou+HflJPQcmE1BRxaSk/Tu3uVM3WzDN762c3QJzcwmZ1FHDfaVntekHcZhmgTgRYKsMMQTrjqLJU8dMMasf5E1Pad/e+Na3s35TKDEtDD38OpNWuFqQfLzQ2UBill3wVlUyNDrRDaZHBw4IlKtHNEbZcfROKiA+9jWVpxNGi0dpj/hER+rRBd3CySl3kfBYwMg4T3yqbIZh/vFtwMKLlLHDeIy5T0LsfBLChOc1JXr8dnF1n2LcKinFZa7mYptpUuty77zAWj+DJThyJQ5ppC7CdV5Puz9a7V/Xj/SuJb+VZ+LvuZOAvm0EqNfrgBU/I+rL5qpRYZgc/8IQ7sbQ5r5CA+GspcgkzaX7tBd7Cg/ajZHBY9YUo6amdonvc8JmazmIVcFS0YFep9UFmkE5lnE0Sp/ICbycXz1LoqpsHRQDYQy/U90lD+O6axraHQ4Z/xuArIz3wpPOdFlIaW4HTmCPCrYnXr9ydFoDPj4CU2fGbHx7jxEhoVqUmIlQgPXmlo8ksFuT71OUMqvgl7uRoyhHR7hT25EWIca3kIp1KisDf3/1xQh5O37Y9bQqt+1RaRtuF1Xl1/ou3bFmBRDdojr0gj8+nvfTaCCVR6PeD6x6cDaZqHkHIUp9ecwjk81U84CstqglNwfpud83cuwIAaACAGesSVOX3+CFxi310x7rL7ZkfMoLBWAZP6cRu+g3vx0/Lmo9eIjX8M+KwsdE5pIyxpCQqv+3b7PffKrlg727kr5r3+qccHj1xKVA3BF5sQAmkcsEY2V8rsZtFdlCWQTKGk/mzkWmrN4O5PPe3Zs3J9D+zxAewaGe4OICzoBciq+NRmtKxL3x1fJXUKOcSAY6ZwKPktMY68ALM0kUagYKY1aoNQZI9FJjOGirCsJHG5cQGNZ+I8LjcaOAmNC6EUZByQBsT+4=
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB8PR02MB5946.eurprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(10070799003)(376014)(366016);DIR:OUT;SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: eZFIOtmrvaQQp+TMTYV1vOqcJaodR7gvAw4s1GIFi4Kd8yMMptbMGNO8IUSQAwAxFuph4Ry2DBjqnvDshKW8r+HwdLmsj3nI3eJAKovowVsiue6vS4IxWyWZgyqfseZHARwyeA1gIn/sNhyYYpXV6L8+06RiIln2WS9RaJKQ+6py4WE6CIbnIyNhzbqIQgaV7dmWmfSoR8pNlykrL9HoDEV4nODGQlNHCKWvU8kxBrOSZPkCmWndYv9Nr5jfvXVXLlYgT+BIu5Sfvtbfq/7nslC3BUMYPK5k80DT2cCM7TDpVpD8YEXUX7j6F1RtTO1p8HA91CpegUt6lewAeqQaMLUiKNe2JPE+WYSjc+IvCX8lycDDYwfHpmvt606yPmfUDOxXuHlEj9mJ6pcFrPksHmBB1qXnCCRABV8bJ4rRPZLFOepwSNl+Huge2McxV42eXJR+dGAQBLZZouPyB5tt54iIU6kVbahk5P7b9GPzuyK7Uc+4X5KtgWF0etnSZ5snxSQGahhXK0rAVUAmBlBdIDl691oGCOzdqW+G9IlCm3bpel8y80cb+P6fJvKRcfXvBj2gGmi4NudP8SY8Z6lGOopWutnt4QdCoBfdkysnbhEyIIoJFCmwHFsMEpe+YuqLoxj0iNVGxKhVavPHBIY03AeNDgQzNnY6dcL40XOBhDJ19G6TotjpLtF24DVMicK2TawGfaNs+xmHcMGdlMEjyWDVmD3Rg5LsOXusx/BveqXLFsP1HqvkCcTvJ+XJ4QbsSzAZFrV9bizctbIlS74VC/u91sjauKl7vBEVvifRXOmWQNp9X3NVikEhmrRRrk+l+CbkiCEWRXXEIHfKd0FSocJs95b6yoC84lnLgQUBDCmTVOamHsLHJrLBUbbdwWREwenaMK+lFy7dBoSsPghvzCQA4La8GuY6483yIzvN5k8pYYL4JKHM88L4l1Pe0FKKTxMSNgi5DH6bpQ++lZgUsjzhcfg0WmW4csoEvRXvPRQ9yGqmChqRQYNaOYg6HLVkeE1r/VliFy10jpdQwCtlICXKxOkFTV3jq8I/CQ58m5rrbOFlyBTx0WenpjlmhrF6yIKx5/bjEYZrKAo7BYCBZkr/FdBWyNvPfr76IwnDA0eBw2vA7kLfoOIn7YMZ1LmGDhYFTkwL+2TMp1UiRjh0pWUGkXRHDYNIA2TsBCAIv151W0p2S5RDnn+gZaANw2M27milaAccMqLDEKn/UVNyOnZOYQ/2wZZMBxTBinrgPFN9eOT8CP9GWnHhFawNptt5R47ByPnwscqJUXU2X2blKCc6jCvIjO7o+Lq9Erzp12RT8eX6waRQPc/B1VVsUfCNgxhXYLVYYucRZUpDqviGYOrBBAwu5g8GuEN5F9Onv7kl8zIYMArEVnMEqJzPBjSbkKLeX7I2u8FVEoKagSjaf9SBmSVtx1QFzdYGGbv1vejnS6O4RNCJe4ksWzh542mT+w/Ewun0hezIzjKWH54wbG+gr3uUgKaFg7HsfQjKqqx2xv9GOXXY7t0YnQGwp+8xuDCVyDEmDwoaZJgDNCHR1H5ieCaTeCMa/fv4Q2ojX7m88Rx+k1r3fTvYuCrh3kfV2Q01iZRWqCRnD9QHUubMXg3lHER+98VS+lK3ief//uhdP20OiD+AxPUq/eOllH5o
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: e9969bad-bfae-4153-ccf5-08dd7ddb0055
X-MS-Exchange-CrossTenant-AuthSource: DB8PR02MB5946.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Apr 2025 18:09:31.8205 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 4QCGn/DkEHXbgKNzWm7L0fZMY2faeCd1MdBqNRjLxd42qQg51MDYVBtH9v5PnOzt
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAVPR02MB9794
Message-ID-Hash: D34N3GGO2R5O3QHUQ5HE6WF3BRXRV3I5
X-Message-ID-Hash: D34N3GGO2R5O3QHUQ5HE6WF3BRXRV3I5
X-MailFrom: stephen.farrell@cs.tcd.ie
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Thomas Bellebaum <thomas.bellebaum@aisec.fraunhofer.de>, "paul.wouters@aiven.io" <paul.wouters@aiven.io>, "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: [EXT] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/DdoZnjEFt2fkJGEb8JyqTQtJngw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

Hiya,

On 17/04/2025 18:56, Blumenthal, Uri - 0553 - MITLL wrote:
> One reason hybrids add risks is the practical implementation/
> deployment/processes/management/maintenance part, as opposed to
> treating the issue as a pure mathematical formula - which deployed
> software apparently is not (some might argue that it should be, I
> let the reality speak for itself).

I'm relatively confident that the set of implementations that only
do pure-PQ and don't do hybrid will be so small as to make the
above an unconvincing argument.

> Since It looks like 3/4 of the audience holds position similar to
> mine - frankly, I don’t see why 3/4 must convince 1/4 that their
> position is valid (usually, it’s the other way around).

You are conflating the set of positions of all those who wanted to
adopt the draft with your own position. The two likely differ.

Cheers,
S.

PS: Yes it can get tedious dealing with others' arguments. But that's
what's needed generally even if it takes a while to understand what
other people mean.

v2.30.2 | Report a Bug | By Email | System Status