[TLS] Re: Working Group Last Call for Post-quantum Hybrid ECDHE-MLKEM Key Agreement for TLSv1.3

John Mattsson <john.mattsson@ericsson.com> Mon, 20 October 2025 11:05 UTC

List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/GrPWEsh29LzS538I0Y46xd286UI>

Hi,

I am concerned with the current PR #53 suggesting that SP 800-227 “provides general guidance”. This is not a correct description.

As stated in FIPS 203, SP 800-227 provides requirements for the use of ML-KEM in applications. TLS 1.3 is such an application.

Unless the working group wants to discuss each requirement in detail, I would suggest just adding:

“As stated in FIPS 203 {{FIPS203}}, SP 800-227 {{NIST-SP-800-227}} provides requirements for the use of ML-KEM in applications.”

In general, I think it is very important that the IETF follows NIST requirements when using a NIST algorithm like ML-KEM.

Cheers,
John

https://github.com/tlswg/tls-ecdhe-mlkem/pull/53
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.203.pdf